Se connecter / S'enregistrer
Votre question

Redirection de mes recherches google

Tags :
  • software
  • Sécurité
Dernière réponse : dans Sécurité et virus
23 Juillet 2010 16:45:16

Bonjour,

Google redirige mes recherche sur des site que je ne connais pas et ce avec tous les navigateur.
J'ai cherché un peu, combofix ne veux pas se lancer ainsi que Malwarebytes, j'ai réussis à faire un scan avec ZPH et voici se que ca donne:

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK


---\\ Processus lancés
[MD5.822675EB6DD6F078316AA6EBC545518C] - (.Lenovo - ThinkPad Power Management Service.) -- C:\WINDOWS\system32\ibmpmsvc.exe [38176]
[MD5.55CCC8CED5778556F6B516B3858AC970] - (.Intel(R) Corporation - Intel(R) Wireless Management Service.) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [909312]
[MD5.0B1B7568CED61ABF5FD717F28175C96A] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904]
[MD5.E99119F2703B1252E3D4604B0806034E] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [18665472]
[MD5.D503DF3ABA595F551B98B9BAE017A271] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672]
[MD5.D1F8D1A965801316A6B2BAB1E61C4266] - (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe [185688]
[MD5.53CCA6B4DF0977074E85C9A18F42B5CC] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [870672]
[MD5.6F843A95744C172AA94D487427C29E69] - (.Lenovo Group Limited - ThinkVantage Productivity Center MailChecke.) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe [124248]
[MD5.934DE0EDBED59940A2725050DA13A066] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1541416]
[MD5.3A0647BDED81DBE0BCBB51D70B22C9E0] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe [149280]
[MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [112152]
[MD5.39133291CB607BDD87CFC565A4A1E7A5] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [335872]
[MD5.9D5A9F94F1C378B0E1CE02FE61221D5E] - (.Synaptics Incorporated - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [128296]
[MD5.7C4391419852DFC331F6AF620C33AF3C] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [473360]
[MD5.A244E67F073377DE0E53D3068932B040] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [142120]
[MD5.8D54B8CD5930D2A6137D93C23B60C321] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1144104]
[MD5.9A8568C7642B79F43DCEB0BDF9F49050] - (.Druide informatique inc. - Gestionnaire Antidote.) -- C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe [542136]
[MD5.4C4CF9220E628D1378F9807EC5175488] - (.Microsoft Corporation - ActiveSync Connection Manager.) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000]
[MD5.6A413E4D338FB13E58916E3B8051DBBD] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\r_server.exe [241664]
[MD5.58DC20EB15F071804C56FCCC796417A2] - (.Microsoft Corp. - Microsoft SeaPort Search Enhancement Broker.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [226640]
[MD5.DCFC84480C76D862D9BFD386EA6E8DE7] - (.Microsoft Corporation - ActiveSync RAPI Manager.) -- C:\PROGRA~1\MI3AA1~1\rapimgr.exe [199464]
[MD5.0E899D0DB39617AA0B2F992E7E95B5EB] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840]
[MD5.0853A61286A7559734F0EFBB7C4AB5B7] - (.Pas de propriétaire - PWMDBSVC Module.) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [53248]
[MD5.3C30491045DBBD44A42876B3D6F3917D] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [545576]
[MD5.CAB49391861142F93F514B3A8843DA07] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [481280]


---\\ Pages de recherche de Mozilla Firefox (M1)
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\linkfilter@kaspersky.ru


---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.3".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.Nullsoft, Inc. - Winamp Application Detector.) -- C:\Program Files\Mozilla Firefox\Plugins\npwachk.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.2.40.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.5730.13 (longhorn(wmbla).070711-1130)) -- C:\WINDOWS\system32\ieframe.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab - IE Virtual Keyboard.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab - WebToolBar component.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll


---\\ Applications démarrées par registre & par dossier(O4)
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\Windows\RTHDCPL.EXE
O4 - HKLM\..\Run: [LPManager] . (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] . (.Lenovo Group Limited - ThinkVantage Productivity Center MailChecke.) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.dll
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] . (.Druide informatique inc. - Gestionnaire Antidote.) -- C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] . (.Microsoft Corporation - ActiveSync Connection Manager.) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
O4 - HKCU\..\Run: [JDK5SWFMZY] C:\DOCUME~1\DVALLI~1\LOCALS~1\Temp\Evd.exe (.not file.)
O4 - HKCU\..\Run: [VRZJ8K91NT] C:\WINDOWS\Epafob.exe (.not file.)
O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=145
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - ActiveSync Favorite Synchronization.) -- C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} . (.not file.) - (.not file.)
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kbrd.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\logo.ico
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{04F87BC5-7D49-4D5C-A720-07BA8A9A8C0B}: NameServer = 93.188.162.230,93.188.166.210
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9C44116-C989-402F-BA29-44D3E9BDD13C}: NameServer = 93.188.162.230,93.188.166.210
O17 - HKLM\System\CS1\Services\Tcpip\..\{04F87BC5-7D49-4D5C-A720-07BA8A9A8C0B}: NameServer = 93.188.162.230,93.188.166.210
O17 - HKLM\System\CS1\Services\Tcpip\..\{E9C44116-C989-402F-BA29-44D3E9BDD13C}: NameServer = 93.188.162.230,93.188.166.210
O17 - HKLM\System\CS3\Services\Tcpip\..\{04F87BC5-7D49-4D5C-A720-07BA8A9A8C0B}: NameServer = 93.188.162.230,93.188.166.210
O17 - HKLM\System\CS3\Services\Tcpip\..\{E9C44116-C989-402F-BA29-44D3E9BDD13C}: NameServer = 93.188.162.230,93.188.166.210


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\System32\igfxdev.dll
O20 - Winlogon Notify: klogon . (.Kaspersky Lab - Logon Visualizer.) -- C:\WINDOWS\system32\klogon.dll


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Pas de propriétaire - Pas de description.) - (.not file.)


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) . (.Kaspersky Lab - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) . (.Lenovo - ThinkPad Power Management Service.) - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) . (.Lavasoft - Ad-Aware Service Application.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Power Manager DBC Service (Power Manager DBC Service) . (.Pas de propriétaire - PWMDBSVC Module.) - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Administrator Service (r_server) . (.Pas de propriétaire - Pas de description.) - C:\WINDOWS\system32\r_server.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) . (.Intel(R) Corporation - Intel(R) Wireless Management Service.) - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: System Update (SUService) . (.Pas de propriétaire - Pas de description.) - c:\program files\lenovo\system update\suservice.exe


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\f2309b9d.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1940457431-3073438261-3165143293-1008Core.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1940457431-3073438261-3165143293-1008UA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PMTask.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r12.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (DLACDBHM) . (.Roxio - Shared Driver Component.) - C:\Windows\system32\Drivers\DLACDBHM.sys
O41 - Driver: (DLARTL_M) . (.Roxio - Shared Driver Component.) - C:\Windows\system32\Drivers\DLARTL_M.sys
O41 - Driver: Kl1 (kl1) . (.Kaspersky Lab - Kaspersky Unified Driver.) - C:\WINDOWS\system32\drivers\kl1.sys
O41 - Driver: Kaspersky Lab Driver (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wnet_x86].) - C:\Windows\system32\DRIVERS\klif.sys
O41 - Driver: (TPPWRIF) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\Tppwrif.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: A9CAD - (.A9Tech.) [HKLM]
O42 - Logiciel: APCHQ - Go-Estimations - (.ESI Software.) [HKLM]
O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM]
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems, Inc..) [HKLM]
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Reader 9.3.3 - Français - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Analyseur MSXML 6.0 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Antidote RX v8 - (.Druide informatique inc..) [HKLM]
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM]
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM]
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM]
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: BS.Player FREE - (.Webteh, d.o.o..) [HKLM]
O42 - Logiciel: Choice Guard - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Configuration DivX - (.DivX, Inc. .) [HKLM]
O42 - Logiciel: Drag-to-Disc - (.Sonic Solutions.) [HKLM]
O42 - Logiciel: Détection de l'application Winamp - (.Nullsoft, Inc.) [HKCU]
O42 - Logiciel: Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Full Tilt Poker - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Gestionnaire d'alimentation ThinkPad - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM]
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM]
O42 - Logiciel: Hotfix for Microsoft .NET Framework 2.0 (KB922981) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Hotfix pour Microsoft .NET Framework 2.0 (KB923319) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM]
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM]
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM]
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM]
O42 - Logiciel: Java(TM) 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM]
O42 - Logiciel: Kaspersky Internet Security 2010 - (.Kaspersky Lab.) [HKLM]
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 2.0 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 3.0 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft ActiveSync - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Project 2000 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Mozilla Firefox (3.6.7) - (.Mozilla.) [HKLM]
O42 - Logiciel: Nero OEM - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: NewsBin Pro - (.DJI Interprises, LLC.) [HKLM]
O42 - Logiciel: Norton PartitionMagic 8.0 - (.Symantec.) [HKLM]
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM]
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM]
O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.) [HKLM]
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM]
O42 - Logiciel: Remote Administrator v2.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM]
O42 - Logiciel: Sonic Icons for Lenovo - (.Lenovo.) [HKLM]
O42 - Logiciel: ThinkPad FullScreen Magnifier - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ThinkPad PC Card Power Policy - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ThinkPad Power Management Driver - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ThinkPad UltraNav Driver - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: ThinkVantage Productivity Center - (.Lenovo.) [HKLM]
O42 - Logiciel: Utilitaire ThinkPad UltraNav - (.Lenovo.) [HKLM]
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM]
O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM]
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: WModem Driver Installer - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Wallpapers - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM]
O42 - Logiciel: Windows Communication Foundation - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Connect - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Presentation Foundation - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Workflow Foundation - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: XP Themes - (.Lenovo.) [HKLM]
O42 - Logiciel: hubbr - (.
hubbr.net.) [HKCU]
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM]
O42 - Logiciel: pdfsam - (.Pas de propriétaire.) [HKCU]

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\A9Tech]
[HKCU\Software\AC3Filter]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BST]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DJI Interprises]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Druide informatique inc.]
[HKCU\Software\Full Tilt Poker]
[HKCU\Software\G DATA]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IBM]
[HKCU\Software\Intel]
[HKCU\Software\InterVideo]
[HKCU\Software\JDK5SWFMZY]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Lavasoft]
[HKCU\Software\Lenovo]
[HKCU\Software\MGS]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Microgaming]
[HKCU\Software\Monitored]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\QuickPar]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\Seagate Software]
[HKCU\Software\Sonic]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\VRZJ8K91NT]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\XML]
[HKCU\Software\settings]
[HKLM\Software\APCHQ]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\BroadCom]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\DJI Interprises]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\Druide informatique inc.]
[HKLM\Software\Full Tilt Poker]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HTC]
[HKLM\Software\IBM]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Lavasoft]
[HKLM\Software\Lenovo]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MapInfo]
[HKLM\Software\McAfee.com]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Nullsoft]
[HKLM\Software\ODBC]
[HKLM\Software\PTECH]
[HKLM\Software\Policies]
[HKLM\Software\RAdmin]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\TeamViewer3]
[HKLM\Software\ThinkVantage]
[HKLM\Software\VideoLAN]
[HKLM\Software\Webteh]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]


---\\ Contenu des dossiers Program Files (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\7-Zip
O43 - CFD:Common File Directory ----D- C:\Program Files\A9Tech
O43 - CFD:Common File Directory ----D- C:\Program Files\Ad-Remover
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\APCHQ
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\ComPlus Applications
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\Druide
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Full Tilt Poker
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\HTC
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\InterVideo
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\JMicron
O43 - CFD:Common File Directory ----D- C:\Program Files\Kaspersky Lab
O43 - CFD:Common File Directory ----D- C:\Program Files\Lavasoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Lenovo
O43 - CFD:Common File Directory ----D- C:\Program Files\MapInfo MapX
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft ActiveSync
O43 - CFD:Common File Directory ----D- C:\Program Files\microsoft frontpage
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 6.0
O43 - CFD:Common File Directory ----D- C:\Program Files\NetMeeting
O43 - CFD:Common File Directory ----D- C:\Program Files\NewsBin
O43 - CFD:Common File Directory ----D- C:\Program Files\Online Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Outlook Express
O43 - CFD:Common File Directory ----D- C:\Program Files\pdfsam
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickPar
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Radmin
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\Report Designer Component
O43 - CFD:Common File Directory ----D- C:\Program Files\Seagate Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Services en ligne
O43 - CFD:Common File Directory ----D- C:\Program Files\Sonic Icons for Lenovo
O43 - CFD:Common File Directory ----D- C:\Program Files\Symantec
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics
O43 - CFD:Common File Directory ----D- C:\Program Files\ThinkPad
O43 - CFD:Common File Directory ----D- C:\Program Files\ThinkVantage
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\Webteh
O43 - CFD:Common File Directory ----D- C:\Program Files\Winamp
O43 - CFD:Common File Directory ----D- C:\Program Files\Winamp Detect
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory --H-D- C:\Program Files\WindowsUpdate
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\xerox
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Installshield
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\InterVideo
O43 - CFD:Common File Directory ---AD- C:\Program Files\Fichiers Communs\Lenovo
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers Communs\Windows Live


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.1A713273F4877F229857615AAC9C2327] - 2010-07-03 - 12:09:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [2278]
O44 - LFC:[MD5.B7C19EC8B0DD7EFA58AD41FFEB8B8CDA] - 2010-07-11 - 15:37:16 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\WINDOWS\System32\drivers\Lbd.sys [64288]
O44 - LFC:[MD5.AD6A4304803D8491437CEC9FA1C5359F] - 2010-07-11 - 17:20:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\lsdelete.exe [15880]
O44 - LFC:[MD5.3D02C58A045CA9BBC967A95DBBD4DFDF] - 2010-07-16 - 11:35:21 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Antidote.ini [148]
O44 - LFC:[MD5.2C354889AF2574B8E4253258C43464A0] - 2010-07-20 - 10:41:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [27288]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 2010-07-22 - 12:25:49 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.6DE2253CEA132184D476852834FA3731] - 2010-07-22 - 16:23:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupact.log [215467]
O44 - LFC:[MD5.0CF00B1491294EED04E3FCCD137E34FE] - 2010-07-22 - 22:32:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [3051]
O44 - LFC:[MD5.D18BCE7704860C8F21CA944ACE778D91] - 2010-07-22 - 22:37:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [3364]
O44 - LFC:[MD5.00000000000000000000000000000000] - 2010-07-22 - 22:37:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32582]
O44 - LFC:[MD5.D8207C28D1277D66324C0AE6C52C4A30] - 2010-07-22 - 22:38:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\aaw7boot.log [3310]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 2010-07-22 - 22:38:45 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.00000000000000000000000000000000] - 2010-07-22 - 22:39:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.00000000000000000000000000000000] - 2010-07-22 - 22:39:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2010-07-22 - 22:39:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.13D97BF3224F4A684A3CFB2A7FFEB308] - 2010-07-22 - 22:43:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[2].txt [2314]
O44 - LFC:[MD5.00000000000000000000000000000000] - 2010-07-22 - 22:45:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [334553]


---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll


---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" [Enabled] .(.Microsoft Corporation - ActiveSync RAPI Manager.) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [Enabled] .(.Microsoft Corporation - ActiveSync Connection Manager.) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" [Enabled] .(.Microsoft Corporation - ActiveSync Application.) -- C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O47 - AAKE:Key Export SP - "C:\Program Files\NewsBin\nbpro.exe" [Enabled] .(.CMCEI - NewsbinPro Newsgroup Reader.) -- C:\Program Files\NewsBin\nbpro.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\spoolsv.exe" [Enabled] .(.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Microsoft ActiveSync\rapimgr.exe" [Enabled] .(.Microsoft Corporation - ActiveSync RAPI Manager.) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [Enabled] .(.Microsoft Corporation - ActiveSync Connection Manager.) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" [Enabled] .(.Microsoft Corporation - ActiveSync Application.) -- C:\Program Files\Microsoft ActiveSync\WCESMgr.exe


---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll


---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)


---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\RoxioDragToDisc [Key] . (.Roxio - Drag To Disc Application.) -- C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe
O53 - SMSR:HKLM\...\startupreg\RoxWatchTray [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
O53 - SMSR:HKLM\...\startupreg\TVT Scheduler Proxy [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 2009-05-18 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
O58 - SDL:[MD5.CE3958F58547454884E97BDA78CD7040] - 2009-09-01 - 14:29:50 ---A- . (.Kaspersky Lab - Kaspersky Unified Driver.) -- C:\WINDOWS\system32\drivers\kl1.sys
O58 - SDL:[MD5.53EEDAB3F0511321AC3AE8BC968B158C] - 2009-10-14 - 20:18:34 ---A- . (.Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) -- C:\WINDOWS\system32\drivers\klbg.sys
O58 - SDL:[MD5.439C778700FCE23F2852535D6FA5996D] - 2010-04-06 - 08:41:45 ---A- . (.Kaspersky Lab - Klif Mini-Filter [fre_wnet_x86].) -- C:\WINDOWS\system32\drivers\klif.sys
O58 - SDL:[MD5.FBDC2034B58D2135D25FE99EB8B747C3] - 2009-09-14 - 13:42:46 ---A- . (.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) -- C:\WINDOWS\system32\drivers\klim5.sys
O58 - SDL:[MD5.1F351C4BA53BFE58A1CA5FCDD11E1F81] - 2009-10-02 - 18:39:44 ---A- . (.Kaspersky Lab - KLMOUFLT Mouse Device Filter [fre_wnet_x86].) -- C:\WINDOWS\system32\drivers\klmouflt.sys
O58 - SDL:[MD5.B7C19EC8B0DD7EFA58AD41FFEB8B8CDA] - 2010-06-21 - 12:44:11 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\WINDOWS\system32\drivers\Lbd.sys
O58 - SDL:[MD5.04F3971B70A7855F04D351AA4BEE7799] - 2004-05-05 - 20:48:40 ---A- . (.PowerQuest Corporation - PowerQuest Boot Mode Driver..) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys
O58 - SDL:[MD5.E8C1B9EBAC65288E1B51E8A987D98AF6] - 2010-04-16 - 07:33:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\drivers\usbaapl.sys


---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.)
O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)


---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - (.not file.) - Ac Profile Manager Service (AcPrfMgrSvc) .(.Pas de propriétaire - Pas de description.) - LEGACY_ACPRFMGRSVC
O64 - Services: CurCS - (.not file.) - Access Connections Main Service (AcSvc) .(.Pas de propriétaire - Pas de description.) - LEGACY_ACSVC
O64 - Services: CurCS - (.not file.) - ANC (ANC) .(.Pas de propriétaire - Pas de description.) - LEGACY_ANC
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe - Apple Mobile Device (Apple Mobile Device) .(.Apple Inc. - Apple Mobile Device Service.) - LEGACY_APPLE_MOBILE_DEVICE
O64 - Services: CurCS - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe - Kaspersky Internet Security (AVP) .(.Kaspersky Lab - Kaspersky Anti-Virus.) - LEGACY_AVP
O64 - Services: CurCS - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(.Pas de propriétaire - Pas de description.) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - C:\Windows\system32\DLA\DLABMFSM.sys - DLABMFSM (DLABMFSM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABMFSM
O64 - Services: CurCS - C:\Windows\system32\DLA\DLABOIOM.sys - DLABOIOM (DLABOIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABOIOM
O64 - Services: CurCS - C:\Windows\system32\DLA\DLADResM.sys - DLADResM (DLADResM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLADRESM
O64 - Services: CurCS - C:\Windows\system32\DLA\DLAIFS_M.sys - DLAIFS_M (DLAIFS_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAIFS_M
O64 - Services: CurCS - C:\Windows\system32\DLA\DLAOPIOM.sys - DLAOPIOM (DLAOPIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAOPIOM
O64 - Services: CurCS - C:\Windows\system32\DLA\DLAPoolM.sys - DLAPoolM (DLAPoolM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAPOOLM
O64 - Services: CurCS - C:\Windows\system32\Drivers\DLARTL_M.sys - DLARTL_M (DLARTL_M) .(.Roxio - Shared Driver Component.) - LEGACY_DLARTL_M
O64 - Services: CurCS - C:\Windows\system32\DLA\DLAUDFAM.sys - DLAUDFAM (DLAUDFAM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDFAM
O64 - Services: CurCS - C:\Windows\system32\DLA\DLAUDF_M.sys - DLAUDF_M (DLAUDF_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDF_M
O64 - Services: CurCS - C:\Windows\system32\Drivers\DRVNDDM.sys - DRVNDDM (DRVNDDM) .(.Roxio - Device Driver Manager.) - LEGACY_DRVNDDM
O64 - Services: CurCS - C:\Program Files\Intel\WiFi\bin\EvtEng.exe - Intel(R) PROSet/Wireless Event Log (EvtEng) .(.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - LEGACY_EVTENG
O64 - Services: CurCS - (.not file.) - fwloapog (fwloapog) .(.Pas de propriétaire - Pas de description.) - LEGACY_FWLOAPOG
O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate) (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe - Intel(R) Matrix Storage Event Monitor (IAANTMON) .(.Intel Corporation - RAID Monitor.) - LEGACY_IAANTMON
O64 - Services: CurCS - C:\WINDOWS\system32\ibmpmsvc.exe - ThinkPad PM Service (IBMPMSVC) .(.Lenovo - ThinkPad Power Management Service.) - LEGACY_IBMPMSVC
O64 - Services: CurCS - (.not file.) - IBMTPCHK (IBMTPCHK) .(.Pas de propriétaire - Pas de description.) - LEGACY_IBMTPCHK
O64 - Services: CurCS - C:\Program Files\iPod\bin\iPodService.exe - Service de l’iPod (iPod Service) .(.Apple Inc. - iPodService Module (32-bit).) - LEGACY_IPOD_SERVICE
O64 - Services: CurCS - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe - IviRegMgr (IviRegMgr) .(.InterVideo - RegMgr Module.) - LEGACY_IVIREGMGR
O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\kl1.sys - Kl1 (kl1) .(.Kaspersky Lab - Kaspersky Unified Driver.) - LEGACY_KL1
O64 - Services: CurCS - C:\Windows\system32\drivers\klbg.sys - Kaspersky Lab Boot Guard Driver (klbg) .(.Kaspersky Lab - Kaspersky Lab Boot Guard Driver.) - LEGACY_KLBG
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\klif.sys - Kaspersky Lab Driver (KLIF) .(.Kaspersky Lab - Klif Mini-Filter [fre_wnet_x86].) - LEGACY_KLIF
O64 - Services: CurCS - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe - Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) .(.Lavasoft - Ad-Aware Service Application.) - LEGACY_LAVASOFT_AD-AWARE_SERVICE
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\Lbd.sys - Lbd (Lbd) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD
O64 - Services: CurCS - (.not file.) - Lenovo System Interface Driver (lenovo.smi) .(.Pas de propriétaire - Pas de description.) - LEGACY_LENOVO.SMI
O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR
O64 - Services: CurCS - (.not file.) - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP
O64 - Services: CurCS - (.not file.) - Pilote système NDIS (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS
O64 - Services: CurCS - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe - Power Manager DBC Service (Power Manager DBC Service) .(.Pas de propriétaire - PWMDBSVC Module.) - LEGACY_POWER_MANAGER_DBC_SERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PQNTDRV.sys - PQNTDrv (PQNTDrv) .(.PowerQuest Corporation - PowerQuest Boot Mode Driver..) - LEGACY_PQNTDRV
O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP
O64 - Services: CurCS - C:\Windows\system32\drivers\regi.sys - regi (regi) .(.InterVideo - regi driver.) - LEGACY_REGI
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe - Intel(R) PROSet/Wireless Registry Service (RegSrvc) .(.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - LEGACY_REGSRVC
O64 - Services: CurCS - (.not file.) - LiveShare P2P Server 10 (RoxLiveShare10) .(.Pas de propriétaire - Pas de description.) - LEGACY_ROXLIVESHARE10
O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS
O64 - Services: CurCS - C:\WINDOWS\system32\r_server.exe - Remote Administrator Service (r_server) .(.Pas de propriétaire - Pas de description.) - LEGACY_R_SERVER
O64 - Services: CurCS - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe - Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) .(.Intel(R) Corporation - Intel(R) Wireless Management Service.) - LEGACY_S24EVENTMONITOR
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\s24trans.sys - Transport RLAN (s24trans) .(.Intel Corporation - Intel WLAN Packet Driver.) - LEGACY_S24TRANS
O64 - Services: CurCS - (.not file.) - System Update (SUService) .(.Pas de propriétaire - Pas de description.) - LEGACY_SUSERVICE
O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE
O64 - Services: CurCS - (.not file.) - ThinkPad HDD APS Logging Service (TPHDEXLGSVC) .(.Pas de propriétaire - Pas de description.) - LEGACY_TPHDEXLGSVC
O64 - Services: CurCS - (.not file.) - TPHKDRV (TPHKDRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_TPHKDRV
O64 - Services: CurCS - (.not file.) - Incrustation (TPHKSVC) .(.Pas de propriétaire - Pas de description.) - LEGACY_TPHKSVC
O64 - Services: CurCS - C:\Windows\system32\drivers\Tppwrif.sys - TPPWRIF (TPPWRIF) .(.Pas de propriétaire - Pas de description.) - LEGACY_TPPWRIF
O64 - Services: CurCS - (.not file.) - tvtfilter (tvtfilter) .(.Pas de propriétaire - Pas de description.) - LEGACY_TVTFILTER
O64 - Services: CurCS - (.not file.) - tvtumon (tvtumon) .(.Pas de propriétaire - Pas de description.) - LEGACY_TVTUMON


---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe


---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\fc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google

Autres pages sur : redirection recherches google

23 Juillet 2010 17:12:11

Ci-joint le scan Hjack, si ca peut vous aider, merci


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:10:30, on 2010-07-23
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\r_server.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [JDK5SWFMZY] C:\DOCUME~1\DVALLI~1\LOCALS~1\Temp\Evd.exe
O4 - HKCU\..\Run: [VRZJ8K91NT] C:\WINDOWS\Epafob.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote K - IE 7.htm (HKCU)
O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote D - IE 7.htm (HKCU)
O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote G - IE 7.htm (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{04F87BC5-7D49-4D5C-A720-07BA8A9A8C0B}: NameServer = 93.188.162.230,93.188.166.210
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9C44116-C989-402F-BA29-44D3E9BDD13C}: NameServer = 93.188.162.230,93.188.166.210
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.230,93.188.166.210
O17 - HKLM\System\CS1\Services\Tcpip\..\{04F87BC5-7D49-4D5C-A720-07BA8A9A8C0B}: NameServer = 93.188.162.230,93.188.166.210
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.230,93.188.166.210
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: System Update (SUService) - Unknown owner - c:\program files\lenovo\system update\suservice.exe (file missing)
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 12684 bytes
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS