KS_Croc

Tout s'est bien passé, mais maintenant, c'est plus l'ordinateur qu'internet qui rame. Le disque dur semble toujours en activité... Edit : On dirait que j'ai un problème avec QuickTime, j'ai eu un message d'erreur le concernant... :-/

Merci pour ta réponse. j'ai l'impression qu'Internet est un peu plus rapide. Rapport ____________________________ All processes killed ========== OTL ========== Service HidServ stopped successfully! Service HidServ deleted successfully! Service AppMgmt stopped successfully! Service AppMgmt deleted successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search bar| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar_bak| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page_bak| /E : value set successfully! HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! Prefs.js: "Softonic_France Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox not found. File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF not found. C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\searchplugin folder moved successfully. C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\META-INF folder moved successfully. C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\lib folder moved successfully. C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\defaults folder moved successfully. C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\components folder moved successfully. C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\chrome folder moved successfully. C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352} folder moved successfully. Starting removal of ActiveX control {193C772A-87BE-4B19-A7BB-445B226FE9A1} Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{193C772A-87BE-4B19-A7BB-445B226FE9A1}\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{193C772A-87BE-4B19-A7BB-445B226FE9A1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{193C772A-87BE-4B19-A7BB-445B226FE9A1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{193C772A-87BE-4B19-A7BB-445B226FE9A1}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{193C772A-87BE-4B19-A7BB-445B226FE9A1}\ not found. Starting removal of ActiveX control {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} C:\WINDOWS\Downloaded Program Files\oscan8.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found. Starting removal of ActiveX control {67DABFBF-D0AB-41FA-9C46-CC0F21721616} C:\WINDOWS\Downloaded Program Files\DivXPlugin.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found. Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5} C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found. Starting removal of ActiveX control {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000} Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully. File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found. Starting removal of ActiveX control DirectAnimation Java Classes Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found. File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found. Starting removal of ActiveX control Microsoft XML Parser for Java Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3091d8b8-0c75-11dc-9a38-000c76678d6a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3091d8b8-0c75-11dc-9a38-000c76678d6a}\ not found. File H:\InstallTomTomHOME.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e2fecec-613a-11db-9a03-000c76678d6a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9e2fecec-613a-11db-9a03-000c76678d6a}\ not found. File H:\InstallTomTomHOME.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6d8940b-2ce9-11da-995f-000c76678d6a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b6d8940b-2ce9-11da-995f-000c76678d6a}\ not found. C:\WINDOWS\system32\setup.exe moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc5b2ccd-1c8f-11de-90aa-000c76678d6a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fc5b2ccd-1c8f-11de-90aa-000c76678d6a}\ not found. File H:\setupSNK.exe not found. C:\aaw7boot.log moved successfully. C:\Ad-Report-CLEAN[1].txt moved successfully. C:\Ad-Report-CLEAN[2].txt moved successfully. C:\Ad-Report-CLEAN[3].txt moved successfully. C:\Ad-Report-CLEAN[4].txt moved successfully. C:\Ad-Report-SCAN[1].txt moved successfully. C:\Ad-Report-SCAN[2].txt moved successfully. C:\Ad-Report-SCAN[3].txt moved successfully. C:\Delme.bat moved successfully. ADS C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\Tools\Kazaa Lite K++\KazaaLite.kpp deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\D:\Tools\eMule\emule.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\tools\AVG Anti-Spyware 7.5\avgas.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgam.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgupd.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\AVG\AVG8\avgnsx.exe deleted successfully. ========== FILES ========== < ipconfig /flushdns /c > Configuration IP de Windows Cache de résolution DNS vidé. C:\Documents and Settings\Nico\Bureau\cmd.bat deleted successfully. C:\Documents and Settings\Nico\Bureau\cmd.txt deleted successfully. C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully. C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully. C:\WINDOWS\tasks\At1.job moved successfully. C:\WINDOWS\tasks\At2.job moved successfully. C:\WINDOWS\tasks\At3.job moved successfully. C:\WINDOWS\tasks\GlaryInitialize.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1916744890-1713376151-1188671554-1006Core.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1916744890-1713376151-1188671554-1006UA.job moved successfully. File\Folder C:\*.sqm not found. C:\WINDOWS\System32\CONFIG.TMP moved successfully. C:\WINDOWS\002496_.tmp moved successfully. C:\WINDOWS\005728_.tmp moved successfully. C:\WINDOWS\wininit.tmp moved successfully. C:\Program Files\AVG\AVG8 folder moved successfully. C:\Program Files\AVG folder moved successfully. File\Folder D:\Tools\Kazaa Lite K++ not found. D:\Tools\eMule\webserver folder moved successfully. D:\Tools\eMule\Temp folder moved successfully. D:\Tools\eMule\skins folder moved successfully. D:\Tools\eMule\logs folder moved successfully. D:\Tools\eMule\lang folder moved successfully. D:\Tools\eMule\Incoming folder moved successfully. D:\Tools\eMule\config folder moved successfully. D:\Tools\eMule folder moved successfully. C:\tools\AVG Anti-Spyware 7.5 folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 475 bytes User: All Users User: Autres ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 475 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 475 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 32969 bytes User: Michel ->Temp folder emptied: 249004 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 523 bytes User: MLF ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 475 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 873989 bytes User: Nico ->Temp folder emptied: 13035046 bytes ->Temporary Internet Files folder emptied: 459154 bytes ->Java cache emptied: 1823818 bytes ->FireFox cache emptied: 78216992 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 1357752 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 255 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 129141972 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 696678 bytes RecycleBin emptied: 164200 bytes Total Files Cleaned = 216,00 mb [EMPTYFLASH] User: Administrateur ->Flash cache emptied: 0 bytes User: All Users User: Autres ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: LocalService User: Michel ->Flash cache emptied: 0 bytes User: MLF ->Flash cache emptied: 0 bytes User: NetworkService User: Nico ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.26.5 log created on 08192011_093917 Files\Folders moved on Reboot... Registry entries deleted on Reboot...

Extras.txt ___________________________ OTL Extras logfile created on: 18/08/2011 19:29:39 - Run 1 OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Nico\Mes documents\Téléchargements Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 511,48 Mb Total Physical Memory | 205,52 Mb Available Physical Memory | 40,18% Memory free 1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,43% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,22 Gb Total Space | 25,08 Gb Free Space | 33,79% Space Free | Partition Type: NTFS Drive D: | 72,27 Gb Total Space | 51,31 Gb Free Space | 70,99% Space Free | Partition Type: NTFS Drive E: | 2,55 Gb Total Space | 1,10 Gb Free Space | 42,92% Space Free | Partition Type: FAT32 Computer Name: HERMES | User Name: Nico | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = FirefoxHTML] -- C:\tools\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\tools\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "D:\Tools\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "D:\Tools\Winamp\Winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "D:\Tools\Winamp\Winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\games\Dawn of War\W40k.exe" = D:\games\Dawn of War\W40k.exe:*:Disabled:W40K "D:\3dsmax6\3dsmax.exe" = D:\3dsmax6\3dsmax.exe:*:Disabled:3ds max application "D:\Tools\FileZilla\filezilla.exe" = D:\Tools\FileZilla\filezilla.exe:*:Enabled:FileZilla -- () "D:\Tools\Kazaa Lite K++\KazaaLite.kpp" = D:\Tools\Kazaa Lite K++\KazaaLite.kpp:*:Disabled:KazaaLite "D:\games\HL2\hl2.exe" = D:\games\HL2\hl2.exe:*:Disabled:hl2 -- () "D:\games\Half-Life\hlds.exe" = D:\games\Half-Life\hlds.exe:*:Disabled:hlds "D:\Tools\SketchUp 4\SketchUp.exe" = D:\Tools\SketchUp 4\SketchUp.exe:*:Disabled:SketchUp Application -- (@Last Software, Inc.) "D:\games\Battlefield 1942\BF1942.exe" = D:\games\Battlefield 1942\BF1942.exe:*:Disabled:BF1942 "C:\Program Files\OneClick\OneClick.exe" = C:\Program Files\OneClick\OneClick.exe:*:Disabled:OneClick "D:\games\Black & White\runblack.exe" = D:\games\Black & White\runblack.exe:*:Disabled:lh "C:\Program Files\Real\RealOne Player\realplay.exe" = C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player -- (RealNetworks, Inc.) "C:\Program Files\Java\jre1.5.0_05\bin\javaw.exe" = C:\Program Files\Java\jre1.5.0_05\bin\javaw.exe:*:Enabled:Java 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.) "C:\WINDOWS\system32\rtcshare.exe" = C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC -- (Microsoft Corporation) "D:\Tools\AceHTML 5 Pro\acehtml.exe" = D:\Tools\AceHTML 5 Pro\acehtml.exe:*:Enabled:AceHTML 5 Pro Executable -- (Visicom Media Inc.) "D:\Tools\LeechFTP\Leechftp.exe" = D:\Tools\LeechFTP\Leechftp.exe:*:Enabled:LeechFTP "C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe" = C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe:*:Disabled:Java 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.) "C:\tools\AVG Anti-Spyware 7.5\avgas.exe" = C:\tools\AVG Anti-Spyware 7.5\avgas.exe:*:Enabled:AVG Anti-Spyware "D:\games\World of Warcraft\WoW-1.2.1-to-1.2.2-Patch-frFR-Downloader.exe" = D:\games\World of Warcraft\WoW-1.2.1-to-1.2.2-Patch-frFR-Downloader.exe:*:Disabled:Blizzard Downloader "D:\games\World of Warcraft\WoW-1.2.0-Patch-frFR-Downloader.exe" = D:\games\World of Warcraft\WoW-1.2.0-Patch-frFR-Downloader.exe:*:Disabled:Blizzard Downloader "C:\Documents and Settings\Nico\Bureau\WoW-1.1.2-Installer-Downloader-frFR.exe" = C:\Documents and Settings\Nico\Bureau\WoW-1.1.2-Installer-Downloader-frFR.exe:*:Disabled:Blizzard Downloader "C:\Temp\CTD_FirmwareUpgrader.exe" = C:\Temp\CTD_FirmwareUpgrader.exe:*:Disabled:CTD_FirmwareUpgrader -- (Terra Virtual) "D:\games\Wolfenstein - Enemy Territory\ET.exe" = D:\games\Wolfenstein - Enemy Territory\ET.exe:*:Disabled:ET "C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Disabled:Google Talk "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting® -- (Microsoft Corporation) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( ) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\AVG\AVG8\avgam.exe" = C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe "C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe "C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe "C:\Program Files\America's Army\System\ArmyOps.exe" = C:\Program Files\America's Army\System\ArmyOps.exe:*:Disabled:ArmyOps "D:\Tools\eMule\emule.exe" = D:\Tools\eMule\emule.exe:*:Disabled:eMule -- (http://www.emule-project.net) "D:\tools\Skype\Phone\Skype.exe" = D:\tools\Skype\Phone\Skype.exe:*:Disabled:Skype "D:\games\Warcraft III\war3.exe" = D:\games\Warcraft III\war3.exe:*:Disabled:Warcraft III -- (Blizzard Entertainment) "C:\Program Files\LEA\SoftPlug\V3.1\SoftPlug.exe" = C:\Program Files\LEA\SoftPlug\V3.1\SoftPlug.exe:*:Enabled:SoftPlug -- (LEA) "C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0000040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01958032-9877-4118-B87F-9EFA74B3F15F}" = Adobe Version Cue "{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow "{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig "{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 11 "{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8 "{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK "{31851B85-C98E-44DE-8750-9843BCD63963}" = Adobe After Effects 5.5 "{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1 "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone "{36D6F663-DF15-45BD-B0C6-4B909308E3B6}" = Informations sur votre PC "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}" = Macromedia Extension Manager "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{416DFEDD-9F1B-4EFC-AF70-FCA891AE0251}" = Adobe InDesign CS "{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1 "{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Visionneuse Journal Windows Microsoft "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840 "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0 "{64D114CE-4234-45C2-B60A-2B07D5A48F72}" = Microsoft Works 7.0 "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = Power Cinema "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme "{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Utilitaire de sauvegarde Windows "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI "{7F34A21F-2DEB-4598-BB19-611D6BD24271}" = Managed DirectX (0901) "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{876D774C-04D0-4796-B6A0-B7945340847D}" = SoftPlug V3.1.0 "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder "{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload "{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{9051040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003 "{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}" = Adobe Illustrator CS "{9421EB49-B1C8-496F-A307-FF0E4F43E6F5}" = SketchUp 4.0 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-1033-F400-7760-000000000001}" = Adobe Acrobat 6.0 Professional - English, Français, Deutsch "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.5 - Français "{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour "{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config "{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery "{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour "{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch "{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White "{E61B400A-DE10-43E5-8F45-37DB764BFCFB}" = InstantCopy "{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" = Alcohol 120% "{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Medion Flash XL "{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1 "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}" = Natural Color "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA "{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer "{FF70923C-8A51-47F4-A7E9-893C6D54EB68}" = TES Construction Set "7-Zip" = 7-Zip 4.65 "AC3Filter_is1" = AC3Filter 1.63b "AceHTML 5 Pro" = AceHTML 5 Pro "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop 6.0" = Adobe Photoshop 6.0 "Ad-Remover" = Ad-Remover par C_XX "All Media Fixer_is1" = All Media Fixer 9.10 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Bass Audio Decoder" = Bass Audio Decoder (remove only) "CCleaner" = CCleaner "CD Audio Reader Filter" = CD Audio Reader Filter (remove only) "C-Media Audio" = C-Media 3D Audio "Cubemaster_2000" = Cubemaster 2000 v3.0 "DCoder Image Source" = DCoder Image Source (remove only) "DirectVobSub" = DirectVobSub (remove only) "DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders "EPSON Printer and Utilities" = EPSON Logiciel imprimante "ESET Online Scanner" = ESET Online Scanner v3 "Ethnos 3.5" = Ethnos 3.5 "EuroThink Adresses 2.30_is1" = EuroThink Adresses "ffdshow_is1" = ffdshow [rev 3124] [2009-11-03] "FFMPEG Core Files" = FFMPEG Core Files (remove only) "FileZilla" = FileZilla (remove only) "Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only) "Glary Utilities_is1" = Glary Utilities 2.30.0.1066 "HaaliMkx" = Haali Media Splitter "HijackThis" = HijackThis 2.0.2 "HP Document Viewer" = HP Document Viewer 7.0 "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Photo & Imaging" = HP Photosmart Premier Software 6.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Customer Participation Program 7.0 "HPOCR" = OCR Software by I.R.I.S 7.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "Lucasarts_Collection_CD1_1.0" = Lucasarts Collection 1.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only) "Mozilla Firefox (3.6." = Mozilla Firefox (3.6. "Mozilla Thunderbird (3.1.2)" = Mozilla Thunderbird (3.1.2) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nikon FotoShare" = Nikon FotoShare "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers "NVIDIA Display Driver" = NVIDIA Display Driver "OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only) "OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only) "OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only) "QuickSFV" = QuickSFV (Remove only) "RealMedia" = RealMedia (remove only) "RealPlayer 6.0" = RealOne Player "RenMultiFiles Pro_is1" = RenMultiFiles Pro "SFR_Kit" = SFR - Kit de connexion "Shockwave" = Shockwave "SHOUTcast Source" = SHOUTcast Source (remove only) "SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver "ST6UNST #1" = Color Mixer "VLC media player" = VLC media player 1.1.2 "Winamp" = Winamp (remove only) "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WinPcapInst" = WinPcap 4.0.1 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "ZoomPlayer" = Zoom Player (remove only) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome "Warcraft III" = Warcraft III: All Products ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 19/05/2011 21:56:56 | Computer Name = HERMES | Source = Application Error | ID = 1000 Description = Application défaillante mbam.exe, version 1.50.1.3, module défaillant version.dll, version 5.1.2600.5512, adresse de défaillance 0x00001d22. Error - 29/05/2011 20:46:18 | Computer Name = HERMES | Source = Application Error | ID = 1000 Description = Application défaillante mbam.exe, version 1.50.1.3, module défaillant version.dll, version 5.1.2600.5512, adresse de défaillance 0x00001d22. Error - 19/06/2011 06:13:54 | Computer Name = HERMES | Source = MBAMService | ID = 131073 Description = Error - 19/06/2011 06:14:01 | Computer Name = HERMES | Source = MBAMService | ID = 131073 Description = Error - 19/06/2011 06:14:05 | Computer Name = HERMES | Source = MBAMService | ID = 131073 Description = Error - 02/07/2011 01:00:24 | Computer Name = HERMES | Source = Application Hang | ID = 1002 Description = Application bloquée firefox.exe, version 1.9.2.3855, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 02/07/2011 01:00:53 | Computer Name = HERMES | Source = Application Hang | ID = 1002 Description = Application bloquée firefox.exe, version 1.9.2.3855, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 08/07/2011 11:43:13 | Computer Name = HERMES | Source = Application Hang | ID = 1002 Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 06/08/2011 15:44:24 | Computer Name = HERMES | Source = WmiAdapter | ID = 4099 Description = Échec de l'ouverture de services. Error - 14/08/2011 01:12:56 | Computer Name = HERMES | Source = Application Hang | ID = 1002 Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. [ System Events ] Error - 11/08/2011 01:46:05 | Computer Name = HERMES | Source = W32Time | ID = 39452701 Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes. NtpClient n'a pas de source de temps précis. Error - 11/08/2011 11:44:36 | Computer Name = HERMES | Source = Service Control Manager | ID = 7000 Description = Le service General Purpose USB Driver (adildr.sys) n'a pas pu démarrer en raison de l'erreur : %%1058 Error - 13/08/2011 01:54:41 | Computer Name = HERMES | Source = W32Time | ID = 39452689 Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération a été tentée sur un hôte impossible à atteindre. (0x80072751) Error - 13/08/2011 01:54:41 | Computer Name = HERMES | Source = W32Time | ID = 39452701 Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes. NtpClient n'a pas de source de temps précis. Error - 13/08/2011 01:54:43 | Computer Name = HERMES | Source = W32Time | ID = 39452689 Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération a été tentée sur un hôte impossible à atteindre. (0x80072751) Error - 13/08/2011 01:54:43 | Computer Name = HERMES | Source = W32Time | ID = 39452701 Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes. NtpClient n'a pas de source de temps précis. Error - 13/08/2011 01:54:45 | Computer Name = HERMES | Source = W32Time | ID = 39452689 Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération a été tentée sur un hôte impossible à atteindre. (0x80072751) Error - 13/08/2011 01:54:45 | Computer Name = HERMES | Source = W32Time | ID = 39452701 Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes. NtpClient n'a pas de source de temps précis. Error - 13/08/2011 01:54:48 | Computer Name = HERMES | Source = W32Time | ID = 39452689 Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération a été tentée sur un hôte impossible à atteindre. (0x80072751) Error - 13/08/2011 01:54:48 | Computer Name = HERMES | Source = W32Time | ID = 39452701 Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes. NtpClient n'a pas de source de temps précis. < End of report >

OTL.txt _______________ OTL logfile created on: 18/08/2011 19:29:39 - Run 1 OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Nico\Mes documents\Téléchargements Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 511,48 Mb Total Physical Memory | 205,52 Mb Available Physical Memory | 40,18% Memory free 1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,43% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,22 Gb Total Space | 25,08 Gb Free Space | 33,79% Space Free | Partition Type: NTFS Drive D: | 72,27 Gb Total Space | 51,31 Gb Free Space | 70,99% Space Free | Partition Type: NTFS Drive E: | 2,55 Gb Total Space | 1,10 Gb Free Space | 42,92% Space Free | Partition Type: FAT32 Computer Name: HERMES | User Name: Nico | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/08/18 19:23:03 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Nico\Mes documents\Téléchargements\OTL.exe PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/04/28 07:36:12 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\tools\Avira\AntiVir Desktop\sched.exe PRC - [2011/03/31 16:48:11 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\tools\Avira\AntiVir Desktop\avguard.exe PRC - [2011/02/18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/08/17 14:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\tools\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/01/14 23:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\tools\Avira\AntiVir Desktop\avshadow.exe PRC - [2008/10/20 22:18:26 | 000,071,096 | ---- | M] () -- C:\toons\CDBurnerXP\NMSAccessU.exe PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2007/03/06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe PRC - [2006/02/10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe PRC - [2003/05/02 09:23:58 | 000,954,475 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe PRC - [2001/08/09 03:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe ========== Modules (No Company Name) ========== MOD - [2010/10/06 23:52:44 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9ae37194\mscorlib.dll MOD - [2010/10/06 23:52:39 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_6427b8ac\system.drawing.dll MOD - [2010/10/06 23:52:32 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_c84ed540\system.xml.dll MOD - [2010/10/06 23:52:24 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_2ba453b1\system.windows.forms.dll MOD - [2010/10/06 23:52:09 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_2dd7f61e\system.dll MOD - [2010/10/06 23:51:56 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll MOD - [2010/06/17 16:28:02 | 000,355,688 | ---- | M] () -- C:\tools\Avira\AntiVir Desktop\sqlite3.dll MOD - [2009/02/27 17:37:16 | 000,311,296 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA MOD - [2009/01/11 00:15:44 | 000,159,744 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll MOD - [2009/01/11 00:14:06 | 000,023,552 | ---- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll MOD - [2008/10/27 17:27:37 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll MOD - [2008/10/27 17:27:36 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqisrtb.resources.dll MOD - [2008/10/27 17:27:29 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll MOD - [2008/10/27 17:27:29 | 000,376,832 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqedit.resources.dll MOD - [2008/10/27 17:27:28 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll MOD - [2008/10/27 17:27:28 | 000,258,048 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqbakup.resources.dll MOD - [2008/10/27 17:27:24 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll MOD - [2008/10/27 17:27:23 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll MOD - [2008/10/27 17:27:23 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqprrsc.resources.dll MOD - [2008/10/27 17:27:22 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll MOD - [2008/10/27 17:27:22 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll MOD - [2008/10/27 17:27:22 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll MOD - [2008/10/27 17:27:22 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll MOD - [2008/10/27 17:27:22 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll MOD - [2008/10/27 17:27:22 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll MOD - [2008/10/27 17:27:22 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll MOD - [2008/10/27 17:27:21 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll MOD - [2008/10/27 17:27:21 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll MOD - [2008/10/27 17:27:21 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll MOD - [2008/10/27 17:27:21 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll MOD - [2008/10/27 17:27:20 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll MOD - [2008/10/27 17:27:20 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll MOD - [2008/10/27 17:27:20 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll MOD - [2008/10/27 17:27:20 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll MOD - [2008/10/27 17:27:20 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll MOD - [2008/10/27 17:27:20 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll MOD - [2008/10/27 17:27:19 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll MOD - [2008/10/27 17:27:19 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll MOD - [2008/10/27 17:27:19 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqtray.resources.dll MOD - [2008/10/27 17:27:19 | 000,094,208 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqcprsc.resources.dll MOD - [2008/10/27 17:27:19 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll MOD - [2008/10/27 17:27:19 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll MOD - [2008/10/27 17:27:19 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll MOD - [2008/10/27 17:27:19 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqfmrsc.resources.dll MOD - [2008/10/27 17:27:19 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll MOD - [2008/10/27 17:27:19 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll MOD - [2008/10/27 17:27:18 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll MOD - [2008/10/27 17:27:18 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll MOD - [2008/10/27 17:27:18 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_fr_a53cf5803f4c3827\hpqcc2.resources.dll MOD - [2008/10/20 22:18:26 | 000,071,096 | ---- | M] () -- C:\toons\CDBurnerXP\NMSAccessU.exe MOD - [2008/04/14 04:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2005/10/20 11:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll MOD - [2005/10/20 11:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll MOD - [2005/09/13 01:04:13 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll MOD - [2005/09/13 01:04:12 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll MOD - [2005/09/13 01:04:11 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll MOD - [2003/09/22 11:26:35 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_fr_b77a5c561934e089\mscorlib.resources.dll MOD - [2003/09/22 11:26:35 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_fr_b77a5c561934e089\system.resources.dll MOD - [2003/09/22 11:25:51 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll MOD - [2003/05/15 03:11:04 | 000,753,664 | ---- | M] () -- D:\Tools\Adobe\Adobe Acrobat 6.0\Distillr\AdistRes.FRA MOD - [2003/05/02 09:23:58 | 000,954,475 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe MOD - [2003/05/02 09:23:10 | 000,081,920 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\languages\french.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/04/28 07:36:12 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\tools\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/03/31 16:48:11 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\tools\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/02/18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2008/10/20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\toons\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008/04/13 20:46:21 | 000,011,776 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\drivers\bdasup.sys -- (Rasiecw) SRV - [2007/08/09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2007/06/29 02:01:48 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2007/03/06 11:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2005/04/04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003/07/28 21:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2001/08/09 03:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2) ========== Driver Services (SafeList) ========== DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/03/31 16:48:12 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010/12/13 18:14:59 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/06/17 16:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/06/17 16:27:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\tools\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008/04/13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008/04/13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2007/06/29 02:01:48 | 000,042,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2004/11/22 17:36:40 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5) DRV - [2003/10/05 10:41:14 | 000,123,520 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sojubus.sys -- (sojubus) DRV - [2003/09/28 10:57:52 | 000,005,504 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sojuscsi.sys -- (sojuscsi) DRV - [2003/07/22 08:14:04 | 000,004,608 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\npptNT.sys -- (NPPTNT) DRV - [2003/05/22 17:44:44 | 000,670,203 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51) DRV - [2003/05/15 15:04:00 | 000,126,764 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nvcap.sys -- (nvcap) nVidia WDM Video Capture (universal) DRV - [2003/05/15 15:04:00 | 000,013,070 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nvxbar.sys -- (NVXBAR) DRV - [2003/04/19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl) DRV - [2003/03/27 15:38:44 | 000,127,145 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2003/03/25 19:02:12 | 000,046,455 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ADILOADER) General Purpose USB Driver (adildr.sys) DRV - [2003/03/02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl) DRV - [2003/02/20 09:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP) DRV - [2002/07/10 17:39:34 | 000,032,256 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC) DRV - [2002/04/17 20:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K) DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001/08/17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar_bak = http://81.211.105.9/search.php?v=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page_bak = http://81.211.105.9/index.php?v=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Softonic_France Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="'>http://redirecterror.sfr.fr/?q=" FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\tools\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\tools\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\tools\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.835: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1136: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.847: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\tools\Mozilla Firefox\components [2011/08/18 19:28:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\tools\Mozilla Firefox\plugins [2011/08/18 19:28:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\tools\Mozilla Thunderbird\components [2011/08/18 19:28:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\tools\Mozilla Thunderbird\plugins [2010/08/11 10:02:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Extensions [2010/08/11 10:02:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011/06/23 06:14:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions [2009/06/25 20:24:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/02/15 09:02:26 | 000,000,000 | ---D | M] (Softonic_France Community Toolbar) -- C:\Documents and Settings\Nico\Application Data\Mozilla\Firefox\Profiles\b88d5hmy.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352} [2010/08/11 23:34:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2009/03/29 11:59:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010/08/09 22:45:55 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/08/09 22:45:55 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/08/09 22:45:55 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/08/09 22:45:56 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/08/09 22:45:56 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/03/30 15:04:19 | 000,000,137 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll () O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll () O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll () O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\tools\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Cmaudio] C:\WINDOWS\CMICNFG.CPL (C-Media Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\tools\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe () O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10t_Plugin.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION) O4 - Startup: C:\Documents and Settings\Nico\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk = C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: SpecifyDefaultButtons = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Search = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: ([]msn in My Computer) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewido.net/ewidoOnlineScan.cab (ewidoOnlineScan Control) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (Reg Error: Key error.) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37886.2140277778 (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Nico\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{3091d8b8-0c75-11dc-9a38-000c76678d6a}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe O33 - MountPoints2\{9e2fecec-613a-11db-9a03-000c76678d6a}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe O33 - MountPoints2\{b6d8940b-2ce9-11da-995f-000c76678d6a}\Shell\Setup\command - "" = C:\WINDOWS\System32\setup.exe -- [2008/04/14 04:34:21 | 000,023,040 | ---- | M] (Microsoft Corporation) O33 - MountPoints2\{fc5b2ccd-1c8f-11de-90aa-000c76678d6a}\Shell\AutoRun\command - "" = H:\setupSNK.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: Ip6FwHlp - File not found Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm () Drivers32: MSACM.MI-SC4 - MI-SC4.acm File not found Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIV3 - C:\WINDOWS\System32\DivXc32.dll (Hacked with Joy !) Drivers32: vidc.DIV4 - C:\WINDOWS\System32\DivXc32f.dll (Hacked with Joy !) Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll () Drivers32: vidc.LEAD - LCODCCMP.DLL File not found Drivers32: VIDC.VP40 - vp4vfw.dll File not found Drivers32: vidc.yv12 - DivX.dll File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/08/18 19:28:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime [2011/08/17 23:08:14 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011/08/17 23:04:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Nico\Recent [2011/08/11 00:32:00 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2011/08/11 00:31:12 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2011/07/21 10:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes [2011/07/21 10:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/07/21 10:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2003/10/05 10:41:14 | 000,123,520 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\sojubus.sys [2003/09/28 10:57:52 | 000,005,504 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\sojuscsi.sys [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/08/18 19:32:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/08/18 19:28:19 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk [2011/08/18 19:10:00 | 000,001,144 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1916744890-1713376151-1188671554-1006UA.job [2011/08/18 11:10:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1916744890-1713376151-1188671554-1006Core.job [2011/08/18 09:33:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011/08/15 23:12:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011/08/11 17:47:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/08/11 17:44:43 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job [2011/08/11 17:44:24 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys [2011/08/11 03:12:15 | 000,505,778 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2011/08/11 03:12:15 | 000,436,602 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/08/11 03:12:15 | 000,083,068 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2011/08/11 03:12:15 | 000,069,922 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/08/10 01:12:58 | 000,002,259 | ---- | M] () -- C:\Documents and Settings\Nico\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011/08/10 01:12:57 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\Nico\Bureau\Google Chrome.lnk [2011/08/09 18:42:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2011/08/08 18:42:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\At2.job [2011/08/07 18:42:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At3.job [2011/07/25 17:09:56 | 005,969,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2011/07/21 10:56:54 | 000,001,486 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/08/18 19:32:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/08/18 19:28:18 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk [2011/07/21 10:56:54 | 000,001,486 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\iTunes.lnk [2010/08/13 23:00:26 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010/03/17 09:08:16 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\Nico\Application Data\zxcdyt.dat [2008/10/27 18:19:33 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2008/10/27 16:58:29 | 000,128,583 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2008/09/06 14:52:08 | 000,221,184 | --S- | C] () -- C:\WINDOWS\System32\glut32.dll [2008/05/24 18:14:18 | 000,006,048 | ---- | C] () -- C:\WINDOWS\System32\MCC16.dll [2007/12/30 12:39:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2007/09/28 18:07:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2007/09/28 18:05:08 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2007/06/29 02:01:48 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2007/04/20 01:14:31 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat [2006/11/11 20:27:34 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache [2006/05/25 01:22:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe [2006/02/08 08:20:58 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html [2005/10/31 05:38:41 | 000,000,069 | ---- | C] () -- C:\WINDOWS\SOL.INI [2005/10/02 15:53:51 | 000,001,229 | ---- | C] () -- C:\WINDOWS\scummvm.ini [2005/09/24 17:04:35 | 000,001,610 | ---- | C] () -- C:\WINDOWS\HARRAPF.INI [2005/09/24 17:04:35 | 000,000,826 | ---- | C] () -- C:\WINDOWS\HLIVRES.INI [2005/09/24 17:04:35 | 000,000,497 | ---- | C] () -- C:\WINDOWS\PNAME.INI [2005/09/24 17:04:35 | 000,000,327 | ---- | C] () -- C:\WINDOWS\LNAME.INI [2005/09/24 17:04:35 | 000,000,327 | ---- | C] () -- C:\WINDOWS\GNAME.INI [2005/04/18 23:37:26 | 000,000,530 | ---- | C] () -- C:\WINDOWS\eReg.dat [2005/03/20 02:10:35 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll [2005/03/20 02:10:35 | 000,032,758 | ---- | C] () -- C:\WINDOWS\xobglu32.dll [2005/03/19 16:26:01 | 000,015,840 | ---- | C] () -- C:\WINDOWS\System32\Machnm1.exe [2005/03/01 15:30:20 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini [2004/12/18 14:45:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2004/12/18 01:21:12 | 000,182,272 | ---- | C] () -- C:\WINDOWS\patchw32.dll [2004/10/16 02:12:26 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2004/10/10 07:02:46 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/09/25 00:29:55 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe [2004/09/05 18:02:19 | 000,000,209 | ---- | C] () -- C:\WINDOWS\the_cyanide_shop.ini [2004/09/05 18:02:14 | 000,000,379 | ---- | C] () -- C:\WINDOWS\TheCyanideShop.Ini [2004/08/15 16:37:00 | 000,075,614 | ---- | C] () -- C:\WINDOWS\War3Unin.dat [2004/06/20 02:14:31 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2004/06/20 00:52:40 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys [2004/06/20 00:52:40 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys [2004/06/19 17:30:42 | 000,000,040 | ---- | C] () -- C:\WINDOWS\nero.INI [2004/05/29 22:49:55 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2004/03/31 00:38:53 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll [2004/03/31 00:38:53 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll [2004/02/22 16:36:27 | 000,132,429 | ---- | C] () -- C:\WINDOWS\unstall.exe [2004/02/12 00:51:39 | 000,000,017 | ---- | C] () -- C:\WINDOWS\adm.ini [2004/02/12 00:50:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\UnACE.dll [2004/02/11 00:04:37 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe [2004/02/07 00:00:26 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI [2004/02/01 01:31:39 | 000,000,176 | ---- | C] () -- C:\WINDOWS\CS_MD_T.ini [2004/01/24 00:35:06 | 000,000,339 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2004/01/11 19:34:44 | 000,000,497 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2003/12/13 17:16:56 | 000,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys [2003/12/13 01:18:37 | 000,000,057 | ---- | C] () -- C:\WINDOWS\emule.INI [2003/12/07 13:59:22 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Nico\Local Settings\Application Data\fusioncache.dat [2003/12/06 22:51:03 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini [2003/12/06 19:48:36 | 000,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2003/12/06 19:48:36 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2003/12/06 19:48:27 | 000,000,342 | ---- | C] () -- C:\WINDOWS\adiras.ini [2003/12/06 19:48:26 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\ipdetect.exe [2003/12/06 19:48:24 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2003/12/06 19:48:24 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2003/12/06 19:48:23 | 000,143,360 | ---- | C] () -- C:\WINDOWS\autoclk.exe [2003/12/06 19:48:23 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin [2003/11/06 20:35:35 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll [2003/11/06 20:27:14 | 000,063,488 | ---- | C] () -- C:\Documents and Settings\Nico\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2003/10/06 14:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll [2003/09/22 14:29:56 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2003/09/22 13:22:48 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2003/09/22 13:22:00 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2003/09/22 13:04:37 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2003/09/22 12:57:38 | 001,892,352 | ---- | C] () -- C:\WINDOWS\CMIWCNFG.DLL [2003/09/22 12:57:38 | 000,229,376 | ---- | C] () -- C:\WINDOWS\CMIRMDRV.EXE [2003/09/22 12:57:38 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRMDRV.DLL [2003/09/22 12:57:38 | 000,003,392 | ---- | C] () -- C:\WINDOWS\cmiainfo.sys [2003/09/22 12:57:38 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2003/09/22 12:57:38 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2003/09/22 12:57:37 | 001,892,352 | ---- | C] () -- C:\WINDOWS\System32\cmiwcnfg.dll [2003/09/22 12:57:37 | 000,000,228 | ---- | C] () -- C:\WINDOWS\wininit.ini [2003/09/22 12:57:36 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe [2003/09/22 12:57:36 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2003/09/22 12:57:33 | 000,253,952 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe [2003/09/22 12:57:33 | 000,212,992 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe [2003/09/22 12:57:33 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll [2003/09/22 12:53:57 | 000,073,728 | ---- | C] () -- C:\WINDOWS\Dit.exe [2003/09/22 12:53:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\DitExp.exe [2003/09/22 12:53:57 | 000,065,536 | ---- | C] () -- C:\WINDOWS\Dit.DLL [2003/09/22 12:53:57 | 000,000,208 | ---- | C] () -- C:\WINDOWS\Dit.INI [2003/09/22 12:17:11 | 000,005,678 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2003/09/22 12:16:34 | 000,560,504 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2003/09/22 11:41:08 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2003/09/22 11:26:45 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2003/09/22 11:24:16 | 000,000,843 | ---- | C] () -- C:\WINDOWS\orun32.ini [2003/09/22 11:19:43 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2003/09/22 11:13:27 | 000,000,846 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2003/09/22 11:13:20 | 000,505,778 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat [2003/09/22 11:13:20 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat [2003/09/22 11:13:20 | 000,083,068 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat [2003/09/22 11:13:20 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat [2003/09/22 11:13:05 | 000,436,602 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2003/09/22 11:13:05 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2003/09/22 11:13:05 | 000,069,922 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2003/09/22 11:13:05 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2003/09/22 11:13:04 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2003/09/22 11:13:04 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2003/09/22 11:13:02 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2003/09/22 11:12:58 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2003/09/22 11:12:58 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2003/09/22 11:12:54 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2003/09/22 11:12:46 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2003/05/05 09:55:36 | 000,393,728 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe [2003/01/08 15:55:50 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\VOBRegCheck.exe [2002/03/17 02:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000082.DLL [2001/09/17 14:20:02 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2001/07/07 04:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [2000/09/14 03:03:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT [1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [1997/01/16 06:00:00 | 000,030,736 | ---- | C] () -- C:\WINDOWS\System32\mpms32.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2010/08/13 07:59:49 | 000,001,212 | ---- | M] () -- C:\aaw7boot.log [2011/06/23 04:43:06 | 000,006,582 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt [2011/06/25 20:24:46 | 000,004,792 | ---- | M] () -- C:\Ad-Report-CLEAN[2].txt [2011/06/27 08:07:06 | 000,004,858 | ---- | M] () -- C:\Ad-Report-CLEAN[3].txt [2011/07/21 11:35:11 | 000,004,989 | ---- | M] () -- C:\Ad-Report-CLEAN[4].txt [2011/06/22 12:07:15 | 000,012,484 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt [2011/06/23 04:40:44 | 000,012,551 | ---- | M] () -- C:\Ad-Report-SCAN[2].txt [2011/07/21 11:31:42 | 000,010,440 | ---- | M] () -- C:\Ad-Report-SCAN[3].txt [2006/07/08 23:31:07 | 000,000,216 | RHS- | M] () -- C:\boot.ini [2002/08/30 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2003/09/22 11:21:19 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS [2005/02/23 21:01:19 | 000,000,218 | ---- | M] () -- C:\Delme.bat [2003/12/06 19:48:36 | 000,000,186 | ---- | M] () -- C:\driversagem.log [2011/08/11 17:44:24 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys [2003/09/22 11:21:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/04/30 23:44:12 | 000,000,127 | ---- | M] () -- C:\mbam-error.txt [2003/09/22 11:21:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2004/10/10 13:39:53 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/08/03 18:21:47 | 000,252,240 | RHS- | M] () -- C:\ntldr [2011/08/11 17:44:22 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys [2011/08/18 19:32:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2004/08/14 00:16:59 | 000,000,056 | -HS- | M] () -- C:\redir.sys [2006/07/09 00:39:46 | 000,010,919 | ---- | M] () -- C:\resultat.txt [2009/11/26 17:40:29 | 000,000,143 | ---- | M] () -- C:\TCleaner.txt [2004/10/24 22:17:39 | 000,001,187 | ---- | M] () -- C:\temp.log [2008/12/24 16:59:03 | 000,000,510 | ---- | M] () -- C:\updatedatfix.log < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2003/09/22 13:16:01 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2003/09/22 13:16:01 | 000,606,208 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2003/09/22 13:16:01 | 000,413,696 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\system32\drivers\*.sys /90 > [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2011/07/15 15:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys [2011/07/08 16:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndistapi.sys [2011/06/24 16:10:47 | 000,139,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpwd.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-11 01:13:08 ========== Alternate Data Streams ========== @Alternate Data Stream - 3636 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc < End of report >

Bonjour, pas d'amélioration notable de la rapidité d'internet... Voici les rapports : _________________________________ ESET Aucune menace détectée _________________________________ CHECKUP Results of screen317's Security Check version 0.99.18 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Avira AntiVir Personal - Free Antivirus ESET Online Scanner v3 ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 CCleaner Java 6 Update 11 Java 6 Update 3 Java 6 Update 5 Java 6 Update 7 Out of date Java installed! Adobe Flash Player 10.3.181.26 Mozilla Firefox (3.6.Firefox Out of Date! Mozilla Thunderbird (3.1.2) Thunderbird Out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent Malwarebytes' Anti-Malware mbamservice.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe ``````````End of Log```````````` _________________________________ HIJACKTHIS Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 06:28:19, on 18/08/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\tools\Avira\AntiVir Desktop\sched.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\Explorer.EXE C:\toons\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\tools\Avira\AntiVir Desktop\avgnt.exe C:\tools\iTunes\iTunesHelper.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\dllhost.exe C:\tools\Avira\AntiVir Desktop\avguard.exe C:\tools\Avira\AntiVir Desktop\avshadow.exe C:\tools\Mozilla Firefox\firefox.exe C:\tools\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\Nico\Bureau\icons\secu\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avgnt] "C:\tools\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\tools\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\tools\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\tools\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10t_Plugin.exe -update plugin O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\tools\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\tools\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NMSAccessU - Unknown owner - C:\toons\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 8772 bytes

Bonjour à tous, Depuis quelques temps, mon Internet est lent... J'ai effectué tous les scans recommandés qui ne m'indiquent rien de particulier. (Malware bytes, Antivir, Spybot) Pourriez-vous jeter un oeil à mon analyse HiJack This? (Tout conseil d'optimisation est également bienvenu) Merci d'avance! ______________________________________________________________________________ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:09:01, on 21/07/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\tools\Avira\AntiVir Desktop\sched.exe C:\tools\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe C:\tools\Avira\AntiVir Desktop\avshadow.exe C:\toons\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\tools\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\tools\Avira\AntiVir Desktop\avnotify.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\iPod\bin\iPodService.exe C:\tools\iTunes\iTunesHelper.exe C:\tools\Mozilla Firefox\firefox.exe C:\tools\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Nico\Bureau\icons\secu\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Tools\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe -CheckReg O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avgnt] "C:\tools\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\tools\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [QuickTime Task] "C:\tools\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\tools\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Nico\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Nico\Application Data\Dropbox\bin\Dropbox.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\tools\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\tools\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\tools\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NMSAccessU - Unknown owner - C:\toons\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 8468 bytes _________________________________________________________________________________

Scan effectué, pas d'erreur trouvée... Entre temps, j'ai été dans "rapports et solutions aux problèmes". J'ai notamment mis-à-jour le flash player. Le seul changement, c'est un message à chaque lancement de Firefox:

On peut continuer à chercher... C'est simplement que je ne vois pas trop d'où ça peut venir. J'ai un DVD de Vista ed. Familiale Premium. Mais je ne sais pas trop quoi en faire... Quand j'exécute, il ne me propose que d'installer. Que dois-je faire avec ça?

Raté, ça ne change rien... Je ne vois vraiment pas quoi faire. Je pense qu'il ne me reste plus qu'à réinstaller windows. Existe-il des tutoriaux concernant la réinstallation de windows? (effacement des précédentes données, installation et configuration de la nouvelle version...) Mais si tu as d'autres pistes avant ça, n'hésite pas! ^__^ Merci

J'ai essayé de diagnostiquer avec "Fix it center". http://fixitcenter.support.microsoft.com/Portal/ Je n'arrive pas à installer le soft car il doit télécharger du contenu et que l'ordinateur refuse. Je pense vraiment qu'il faut d'abord que je desactive le pare-feu windows... Mais je ne peux pas le faire via l'interface, il me faudrait, je pense, une procédure en ligne de commande. Merci!

Non, ça ne change rien. T_T

Même soucis en "mode sans echec". Je n'arrive pas à déconnecter le Pare-feu Windows... Quand je passe par le centre de sécurité: Quand j'essaye d'exécuter le fichier directement: En faisant une recherche, je suis tombé sur cette page: Pare-feu Windows Plus inquiétant encore, j'ai une "alerte de sécurité windows" dans la barre des taches. Quand je clique dessus:

Je n'arrive pas à ré-installer le soft. Je télécharge la dernière version, je clique dessus et le message ci-dessous s'affiche: Le problème, c'est que ce message apparait sur plusieurs fichiers exécutables... Pour information, je n'avais jamais vu ce type de message avant l'infection ThinkPoint. J'ai peut-être fait une mauvaise manipulation qui a modifié les autorisations / le niveau de sécurité. J'ai également essayé une restauration du système, mais au redémarrage, l'assistant n'arrive pas à s'exécuter. Je ne sais vraiment pas d'où ça peut venir. Pour info, j'ai utilisé : Glary Utilities, AntiVir, MBAM, Spybot, MicrosoftFixit50198

J'ai toujours un problème au démarrage: Le fichier existe... Rapport MBAM :

Je n'arrive pas à ouvrir le fichier CBS.log :

Concernant la gravur, j'utilise "CD Burner XP" ou l'outil intégré à Windows. Rapport ZHPDiag:

Merci pour vos réponses. AntiVir est déjà mon antivirus. Voici le rapport ZHPDiag (il est très long...): Rapport de ZHPDiag v1.22.06 par Nicolas Coolman, Update du 14/10/2010 Run by Nicolas at 25/10/2010 07:49:12 Web site : ZHPDiag Outil de diagnostic Contact : nicolascoolman@yahoo.fr ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18975 MFIE: Mozilla Firefox (3.6) ---\\ System Information Platform : Windows Vista Home Premium (6.0.6002) Service Pack 2 Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3326 MB (58% free) System drive C: has 393 GB (56%) free of 699 GB ---\\ Logged in mode Computer Name: HERMES User Name: Nicolas All Users Names: Nicolas, ASPNET, Administrateur, Unselected Option: O1,O45,O61,O62,O65,O82 Logged in as Administrator ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 393 Go of 699 Go) D:\ CD-ROM drive (Not Inserted) E:\ Hard drive, Flash drive, Thumb drive (Free 89 Go of 466 Go) F:\ CD-ROM drive (Not Inserted) G:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 7 Go) H:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 1 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK ---\\ Processus lancés [MD5.38440FE1A65B1FE3D246C5C4CAD22F53] - (.Logitech Inc. - Logitech Video COM Service.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904] [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [MD5.D93985F5D87DF1A119E939EADB5C4B9E] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6266880] [MD5.6AFD3970A41F48306874DB23991A4955] - (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [49152] [MD5.D60F738C300AF71E1E75CB5E1BFBCC8C] - (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe [1662976] [MD5.C68BD48274B8C6E4401CF9F71A0CA4BD] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [565008] [MD5.CB619A546FCCBD72A2E9A7F3E0B22907] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\QuickCam\Quickcam.exe [2407184] [MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153] [MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [MD5.E2724029D3648C2EB226D16678727FA9] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [202256] [MD5.B995BCBC001150974EDD1637295600BD] - (.Valve Corporation - Steam.) -- C:\games\Steam\Steam.exe [1242448] [MD5.D0948BE9B3547B9669195D7F84FC09F7] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe [805392] [MD5.0115F266EBA02BA77A3BDA183877F0C4] - (.Logitech Inc. - Camera Control Interface.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [447248] [MD5.19E0D28FE38F55CA4C63F77D3657959A] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE [76304] [MD5.CBAC41ADDDD6D5C761CDDD2C015CEF2C] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\tools\ZHPDiag\ZHPDiag.exe [580096] ---\\ Page de démarrage de Mozilla Firefox (M0) M0 - MFSP: prefs.js [Nicolas - 9yz36mxw.default] www.yahoo.fr ---\\ Programmes d'extension pour Mozilla Firefox (M2) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\battlefieldheroespatcher@ea.com] [] Battlefield Heroes Updater 4.0.27.0 (.EA Digital Illusions CE AB.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\noia2_option@kk.noia] [] Noia 2.0 eXtreme OPT 3.76 (.Kongkeat Kuatrakull / Gerard Durand.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\silvermel@pardal.de] [] Silvermel 1.3.5 (.Alex W. / Pardal F..) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\silvermelxt@pardal.de] [] Silvermel and Charamel XT 1.3.5 (.Pardal Freudenthal.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\tineye@ideeinc.com] [] TinEye Reverse Image Search 1.0 (.Martine Vong.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant 1.2.1 (.Microsoft.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}] [] Walnut pour Firefox" em:description="Walnut pour Firefox, basé sur des icônes de 1.2.1 (.Alfred Kayser (alfredkayser@gmail.com).) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\{74b288e6-77b6-41c7-8138-bb81f4539689}] [] iFox Graphite 3.5 (.riz.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\{81514210-E22A-4e69-93D5-E1EFD45B4620}] [] Past Modern 0.3.10.01.23 (.Kuden.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}] [] Noia 2.0 (eXtreme) 3.76 (.Kongkeat Kuatrakull.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper 4.8.1 (.Michel Gutierrez.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\{D46E8522-6E86-44b1-A622-58C0668AD78E}] [] Classic Compact 3.6.0 (.Ken Barbalace EnvironmentalChemistry.com.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [bitdefender] BitDefender QuickScan 3.6.0 (.BitDefender R&D Team.) M2 - MFEP: prefs.js [Nicolas - 9yz36mxw.default\{ff356687-aa08-463d-a46c-11c451824939}] [] Red Cats (blue flavor) 5.0.0 (.Red_Fat_Lazy_Cat.) ---\\ Plugins de navigateurs Opera/Firefox(P1/P2) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">k.) -- C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.732] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.732] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.732] - (.RealNetworks, Inc. - 6.0.12.732.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll P2 - FPN: [HKLM] [@unity3d.com/UnityPlayer] - (.Unity Technologies ApS - Unity Player 2.5.0f5.) -- C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Pages de démarrage d'Internet Explorer (R0) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = soft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe O4 - HKLM\..\Run: [ANIWZCS2Service] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-510] . (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe O4 - HKLM\..\Run: [LogitechCommunicationsManager] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe O4 - HKLM\..\Run: [LogitechQuickCamRibbon] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\QuickCam\Quickcam.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] . (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Windows\KHALMNPR.exe O4 - HKLM\..\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\tools\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKCU\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\games\Steam\Steam.exe O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Launcher.) -- C:\tools\Alcohol 52\axcmd.exe O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-2834075546-1717853909-3895651648-1005\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\games\Steam\Steam.exe O4 - HKUS\S-1-5-21-2834075546-1717853909-3895651648-1005\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Launcher.) -- C:\tools\Alcohol 52\axcmd.exe O4 - HKUS\S-1-5-21-2834075546-1717853909-3895651648-1005\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKUS\S-1-5-21-2834075546-1717853909-3895651648-1005\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorVisionStartup.lnk . (.ColorVision Inc..) -- C:\tools\ColorVision\Utility\ColorVisionStartup.exe O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide de Microsoft Office OneNote 2003.lnk . (.Microsoft Corporation.) -- C:\tools\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk . (.Logitech, Inc..) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk . (.Spotify Ltd.) -- C:\tools\Spotify\spotify.exe O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\Nicolas\Desktop\Free FLV Converter.lnk . (.Koyote Soft.) -- C:\tools\Free FLV Converter\FreeFLVConverter.exe O4 - Global Startup: C:\Users\Nicolas\Desktop\Spotify.lnk . (.Spotify Ltd.) -- C:\tools\Spotify\spotify.exe O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\tools\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\tools\Mozilla Thunderbird\thunderbird.exe O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk . (.Nullsoft, Inc..) -- C:\tools\Winamp\winamp.exe O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\zplayer - Raccourci.lnk . (.Pas de propriétaire.) -- C:\tools\Zoom Player\zplayer.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\tools\MICROS~1\OFFICE11\EXCEL.exe ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.not file.) - (.not file.) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\tools\MICROS~1\OFFICE11\REFBARH.ICO ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Computer, Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - scan_fr/scan8/oscan8.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - sisoft.com/asquared.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - S/getPlusPlus/1.6/gp.cab ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{7DC3F64A-87F9-42C8-A268-4BD07ED28D93}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{BAB0AF97-342B-4B21-ACE6-C4253727306A}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{7DC3F64A-87F9-42C8-A268-4BD07ED28D93}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{BAB0AF97-342B-4B21-ACE6-C4253727306A}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS3\Services\Tcpip\..\{7DC3F64A-87F9-42C8-A268-4BD07ED28D93}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS3\Services\Tcpip\..\{BAB0AF97-342B-4B21-ACE6-C4253727306A}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) . (.Apple Computer, Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service Google Update (gupdate1c9c2b31153e2b1) (gupdate1c9c2b31153e2b1) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LVCOMSer (LVCOMSer) . (.Logitech Inc. - Logitech Video COM Service.) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: NMSAccessU (NMSAccessU) . (.Pas de propriétaire - Pas de description.) - C:\tools\CDBurnerXP\NMSAccessU.exe O23 - Service: PnkBstrA (PnkBstrA) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB (PnkBstrB) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\PnkBstrB.exe O23 - Service: StarWind AE Service (StarWindServiceAE) . (.Rocket Division Software - StarWind iSCSI Target (Alcohol Edition).) - C:\tools\Alcohol 52\StarWind\StarWindServiceAE.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{3656D20E-68BD-42AC-AB4C-B7FA1BC63CB0}.job ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r32.) -- C:\Windows\system32\Macromed\Flash\Flash10c.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: avgio (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {2614F54E-A828-49FA-93BA-45A3F756BFAA} O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip O42 - Logiciel: AHV content for Acrobat and Flash - (.Adobe Systems Incorporated.) [HKLM] -- {6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD} O42 - Logiciel: ANIWZCS2 Service - (.Pas de propriétaire.) [HKLM] -- {4C590030-7469-453E-8589-D15DA9D03F52} O42 - Logiciel: AceHTML 6 Pro - (.Pas de propriétaire.) [HKLM] -- AceHTML 6 Pro O42 - Logiciel: Add or Remove Adobe Creative Suite 3 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_4dcfd9b7e901b57f81f667144603236 O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723} O42 - Logiciel: Adobe After Effects CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {EB0202F7-016A-410C-ADE4-40F848CCC661} O42 - Logiciel: Adobe After Effects CS3 Presets - (.Adobe Systems Incorporated.) [HKLM] -- {193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285} O42 - Logiciel: Adobe After Effects CS3 Third Party Content - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_3675c95c239b992d5d0ee8fce969b9e O42 - Logiciel: Adobe After Effects CS3 Third Party Content - (.Adobe Systems Incorporated.) [HKLM] -- {7ECEF10B-F1C2-4FD5-861F-A3FCB4653304} O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {90176341-0A8B-4CCC-A78D-F862228A6B95} O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394} O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23} O42 - Logiciel: Adobe BridgeTalk Plugin CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E} O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C} O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} O42 - Logiciel: Adobe Color - Photoshop Specific - (.Adobe Systems Incorporated.) [HKLM] -- {A2D81E70-2A98-4A08-A628-94388B063C5E} O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} O42 - Logiciel: Adobe Color EU Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {51846830-E7B2-4218-8968-B77F0FF475B8} O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} O42 - Logiciel: Adobe Color NA Recommended Settings - (.Adobe Systems Incorporated.) [HKLM] -- {95655ED4-7CA5-46DF-907F-7144877A32E5} O42 - Logiciel: Adobe Creative Suite 3 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- {8718DC03-D066-4957-94E5-50C3C5042E8E} O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D} O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD} O42 - Logiciel: Adobe Dreamweaver CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {7C10F5C7-F00F-4BD3-A110-C7D240D2DD25} O42 - Logiciel: Adobe Encore CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54B2EAD9-A110-43F7-B010-2859A1BD2AFE} O42 - Logiciel: Adobe Encore CS3 Codecs - (.Adobe Systems Incorporated.) [HKLM] -- {B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931} O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2} O42 - Logiciel: Adobe Extension Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {BE5F3842-8309-4754-92D5-83E02E6077A3} O42 - Logiciel: Adobe Fireworks CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {7DFC1012-D346-46CE-B03E-FF79125AE029} O42 - Logiciel: Adobe Flash CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6B52140A-F189-4945-BFFC-DB3F00B8C589} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Flash Video Encoder - (.Adobe Systems Incorporated.) [HKLM] -- {2EFFFC71-1E66-454E-A6E6-CEEC800B96D2} O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B} O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {7ACFB90E-8FD0-4397-AD3A-5195412623A3} O42 - Logiciel: Adobe Illustrator CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {F08E8D2E-F132-4742-9C87-D5FF223A016A} O42 - Logiciel: Adobe InDesign CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {CB3F8375-B600-4B9F-83C9-238ED1E583FD} O42 - Logiciel: Adobe InDesign CS3 Icon Handler - (.Adobe Systems Incorporated.) [HKLM] -- {EA7B3CC4-366D-4CF6-8350-FD7A7034116E} O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54793AA1-5001-42F4-ABB6-C364617C6078} O42 - Logiciel: Adobe MotionPicture Color Files - (.Adobe Systems Incorporated.) [HKLM] -- {6B708481-748A-4EB4-97C1-CD386244FF77} O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C} O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {0046FA01-C5B9-4985-BACB-398DC480FC05} O42 - Logiciel: Adobe Premiere Pro CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA} O42 - Logiciel: Adobe Premiere Pro CS3 Functional Content - (.Adobe Systems Incorporated.) [HKLM] -- {50F102CA-4BE2-41A9-9810-5BB05EB91B9A} O42 - Logiciel: Adobe Premiere Pro CS3 Third Party Content - (.Adobe Systems Incorporated.) [HKLM] -- {485ACF57-F364-440A-8496-E1E81C8FA1AA} O42 - Logiciel: Adobe Reader 9.4.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001} O42 - Logiciel: Adobe SING CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B671CBFD-4109-4D35-9252-3062D3CCB7B2} O42 - Logiciel: Adobe SVG Viewer - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {004685F7-9FB6-4789-812F-59ABB34A55AF} O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {4458C442-7376-4CF9-AF58-E8CEA6722363} O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Adobe Soundbooth CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {A6B23EFA-6590-482C-A11F-5ACE1B91F5B9} O42 - Logiciel: Adobe Soundbooth CS3 Codecs - (.Adobe Systems Incorporated.) [HKLM] -- {0327FA9D-975C-448C-A086-577D57BB25B8} O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183} O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312} O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {E69AE897-9E0B-485C-8552-7841F48D42D8} O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5} O42 - Logiciel: Adobe Video Profiles - (.Adobe Systems Incorporated.) [HKLM] -- {845A8DB9-8802-4FD3-9FE3-938A6C46A2EC} O42 - Logiciel: Adobe WAS CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {C5BD220A-EFE8-48A5-B70E-9503D535FACE} O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6} O42 - Logiciel: Adobe XMP DVA Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {0224CACC-994D-45F8-B973-D65056EA9C2F} O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {D5A31AB1-345D-47C7-A87B-036A669F6DF1} O42 - Logiciel: Alien Swarm - (.Valve.) [HKLM] -- Steam App 630 O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033} O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Artificial Girl 3 - (.ILLUSION.) [HKLM] -- {9F0B447F-7E14-4BB9-BCFE-1D5C06F7EE35} O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Balsamiq Mockups For Desktop - (.Balsamiq, SRL.) [HKLM] -- BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1 O42 - Logiciel: Balsamiq Mockups For Desktop - (.Balsamiq, SRL.) [HKLM] -- {12740D4C-E3D0-8D4D-0304-34C357E5F0D5} O42 - Logiciel: Barre d'outils Bing - (.Microsoft Corporation.) [HKLM] -- {08234a0d-cf39-4dca-99f0-0c5cb496da81} O42 - Logiciel: Battlefield Heroes - (.EA Digital illusions.) [HKLM] -- {8DC910CD-8EE3-4ffc-A4EB-9B02701059C4} O42 - Logiciel: Bing Bar Platform - (.Microsoft Corporation.) [HKLM] -- {65C0025A-2CDE-43C5-82D0-C7A56EF0DB39} O42 - Logiciel: BurnAware Free 2.3.5 - (.Burnaware Technologies.) [HKLM] -- BurnAware Free_is1 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CD Audio Reader Filter (remove only) - (.Pas de propriétaire.) [HKLM] -- CD Audio Reader Filter O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1 O42 - Logiciel: CDDRV_Installer - (.Logitech.) [HKLM] -- {0C826C5B-B131-423A-A229-C71B3CACCD6A} O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {D3B1C799-CB73-42DE-BA0F-2344793A095C} O42 - Logiciel: Code de la Route - (.Micro Application.) [HKLM] -- {9BB9F8F2-3073-4F47-8207-0E7191C67DE9} O42 - Logiciel: Coffret de pilotes Logitech QuickCam - (.Pas de propriétaire.) [HKLM] -- lvdrivers_11.80 O42 - Logiciel: Crayon Physics Deluxe - release 53 - (.Kloonigames.) [HKLM] -- Crayon Physics Deluxe_is1 O42 - Logiciel: D-Link Wireless G DWA-510 - (.D-Link.) [HKLM] -- {BADEDF59-389D-49CA-AD06-7EF12C5C13CD} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DC-Bass Source 1.1.1 - (.Pas de propriétaire.) [HKLM] -- DC-Bass Source O42 - Logiciel: DScaler 5 Mpeg Decoders - (.Pas de propriétaire.) [HKLM] -- DScaler 5 Mpeg Decoders_is1 O42 - Logiciel: Decompile Flash Free Version 2.1.2.1550 - (.ExtraSolution Software Inc..) [HKLM] -- Decompile Flash Free Version_is1 O42 - Logiciel: DesignPro 5 - (.Avery Dennison.) [HKLM] -- InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2} O42 - Logiciel: DirectVobSub (remove only) - (.Pas de propriétaire.) [HKLM] -- DirectVobSub O42 - Logiciel: Détection de l'application Winamp - (.Nullsoft, Inc.) [HKCU] -- Winamp Detect O42 - Logiciel: EA Download Manager - (.Electronic Arts, Inc..) [HKLM] -- EA Download Manager O42 - Logiciel: EA Download Manager UI - (.Electronic Arts.) [HKLM] -- com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1 O42 - Logiciel: EA Download Manager UI - (.Electronic Arts.) [HKLM] -- {C4FFCD8D-3A06-E243-2747-2CE771A8B7D4} O42 - Logiciel: ESET Online Scanner v3 - (.Pas de propriétaire.) [HKLM] -- ESET Online Scanner O42 - Logiciel: EVE-ONLINE (remove only) - (.CCP Games Ltd..) [HKLM] -- EVE O42 - Logiciel: EuroThink Adresses - (.EuroSoft Software Development.) [HKLM] -- EuroThink Adresses 2.3.4.64_is1 O42 - Logiciel: Far Cry 2 - (.Ubisoft.) [HKLM] -- {F2835483-37F2-4123-B4FE-0E77D58447F2} O42 - Logiciel: Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) - (.Microsoft Corporation.) [HKLM] -- {3380F354-C5F7-4E71-8F51-EEE6C3F06C62} O42 - Logiciel: FileZilla Client 3.3.4.1 - (.Pas de propriétaire.) [HKLM] -- FileZilla Client O42 - Logiciel: Free FLV Converter V 6.93.0 - (.Koyote Soft.) [HKLM] -- Free FLV Converter_is1 O42 - Logiciel: Free PDF to Word Doc Converter v1.1 - (.www.hellopdf.com.) [HKLM] -- Free PDF to Word Doc Converter_is1 O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710} O42 - Logiciel: Glary Utilities 2.29.0.1032 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1 O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008} O42 - Logiciel: HP Photosmart C6300 All-In-One Driver Software 11.0 Rel .4 - (.HP.) [HKLM] -- {C8732DC3-1736-44b2-B741-2D636DE58605} O42 - Logiciel: HP Solution Center 11.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {FE57DE70-95DE-4B64-9266-84DA811053DB} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Java 6 Update 16 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF} O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: K-Lite Codec Pack 4.7.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: KhalInstallWrapper - (.Logitech.) [HKLM] -- {3101CB58-3482-4D21-AF1A-7057FC935355} O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM] -- {3AF8FCCD-F51A-4014-9002-F195E1CBC876} O42 - Logiciel: Logitech SetPoint - (.Logitech.) [HKLM] -- {F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E} O42 - Logiciel: Logitech Updater - (.Nom de votre société.) [HKLM] -- {53735ECE-E461-4FD0-B742-23A352436D3A} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft Office FrontPage 2003 - (.Microsoft Corporation.) [HKLM] -- {9017040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office OneNote 2003 - (.Microsoft Corporation.) [HKLM] -- {90A1040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office Project Professional 2003 - (.Microsoft Corporation.) [HKLM] -- {903B040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office Small Business Connectivity Components - (.Microsoft Corporation.) [HKLM] -- {A939D341-5A04-4E0A-BB55-3E65B386432D} O42 - Logiciel: Microsoft Office Visio Professional 2003 - (.Microsoft Corporation.) [HKLM] -- {9051040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft SQL Server Native Client - (.Microsoft Corporation.) [HKLM] -- {1F24E48F-7692-4E89-8784-68DD4D2712A0} O42 - Logiciel: Microsoft SQL Server VSS Writer - (.Microsoft Corporation.) [HKLM] -- {A30179B7-997A-4D47-AA43-57AE59A9C78B} O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {A49F249F-0C91-497F-86DF-B2585E8E76B7} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 - (.Microsoft Corporation.) [HKLM] -- {5DA8F6CD-C70E-39D8-8430-3D9808D6BD17} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Mozilla Firefox (3.6) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6) O42 - Logiciel: Mozilla Firefox (3.6.11) - (.Mozilla.) [HKCU] -- Mozilla Firefox (3.6.11) O42 - Logiciel: Mozilla Thunderbird (3.1.4) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (3.1.4) O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B83FC356-B7C0-441F-8A4D-D71E088E7974} O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++ O42 - Logiciel: OCR Software by I.R.I.S. 11.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL O42 - Logiciel: OpenOffice.org 3.0 - (.OpenOffice.org.) [HKLM] -- {6860B340-530D-46B3-91F8-1AE1F70F7C33} O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM] -- {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} O42 - Logiciel: PDF-XChange 3 - (.Tracker Software.) [HKLM] -- PDF-XChange 3_is1 O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM] -- PunkBusterSvc O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {216AB108-2AE1-4130-B3D5-20B2C4C80F8F} O42 - Logiciel: RealMedia (remove only) - (.Pas de propriétaire.) [HKLM] -- RealMedia O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0 O42 - Logiciel: RealUpgrade 1.0 - (.RealNetworks, Inc..) [HKLM] -- {F4F4F84E-804F-4E9A-84D7-C34283F0088F} O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Recovery Toolbox for PDF 1.0 - (.Recovery Toolbox, Inc..) [HKLM] -- Recovery Toolbox for PDF_is1 O42 - Logiciel: Recuva (remove only) - (.Piriform.) [HKLM] -- Recuva O42 - Logiciel: Registry Mechanic 8.0 - (.PC Tools.) [HKLM] -- Registry Mechanic_is1 O42 - Logiciel: SHOUTcast Source (remove only) - (.Pas de propriétaire.) [HKLM] -- SHOUTcast Source O42 - Logiciel: SUPER © Version 2009.bld.35 (Jan 5, 2009) - (.eRightSoft.) [HKLM] -- SUPER © O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} O42 - Logiciel: Skype™ 4.2 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36} O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004} O42 - Logiciel: Spotify - (.Pas de propriétaire.) [HKLM] -- Spotify O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Spyder2express - (.Pas de propriétaire.) [HKLM] -- Spyder2express O42 - Logiciel: Steam - (.Valve.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3} O42 - Logiciel: UE3Redist - (.Epic Games.) [HKCU] -- InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239} O42 - Logiciel: UE3Redist - (.Epic Games.) [HKLM] -- {6530FDAA-5B1F-4830-95BB-650E9804D239} O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKLM] -- UnityWebPlayer O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: WinHTTrack Website Copier 3.43-9C - (.HTTrack.) [HKLM] -- WinHTTrack Website Copier_is1 O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} O42 - Logiciel: Wipe - (.Wipe.) [HKLM] -- Wipe O42 - Logiciel: XMind - (.XMind Ltd..) [HKLM] -- XMind O42 - Logiciel: Zoom Player (remove only) - (.Pas de propriétaire.) [HKLM] -- ZoomPlayer O42 - Logiciel: ffdshow [rev 2527] [2008-12-19] - (.Pas de propriétaire.) [HKLM] -- ffdshow_is1 O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\AC3Filter] [HKCU\Software\ASProtect] [HKCU\Software\ATI Technologies Inc.] [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\Alcohol Soft] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Avery Dennison] [HKCU\Software\Avira] [HKCU\Software\BitDefender] [HKCU\Software\BitTorrent] [HKCU\Software\CDBurnerXP] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\ColorVision] [HKCU\Software\CoreAAC] [HKCU\Software\CoreVorbis] [HKCU\Software\DIGITAL UNIVERSE STUDIO] [HKCU\Software\DSP-worx] [HKCU\Software\DivXNetworks] [HKCU\Software\ESET] [HKCU\Software\FUEL Demo] [HKCU\Software\GNU] [HKCU\Software\GSpot Appliance Corp] [HKCU\Software\Gabest] [HKCU\Software\GlarySoft] [HKCU\Software\Google] [HKCU\Software\GridinSoft] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\Leadertech] [HKCU\Software\LogiShared] [HKCU\Software\Logitech] [HKCU\Software\LowRegistry] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept (Adobe2)] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaInfo] [HKCU\Software\Mindjet] [HKCU\Software\Minnetonka Audio Software] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\OpenOffice.org] [HKCU\Software\PCTools] [HKCU\Software\PDFCreator] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Privoxy] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\Recovery Toolbox for PDF] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SecuROM] [HKCU\Software\SimonTatham] [HKCU\Software\Simply Super Software] [HKCU\Software\SisSoftware] [HKCU\Software\Skype] [HKCU\Software\Spotify] [HKCU\Software\Stdin2] [HKCU\Software\Tracker Software] [HKCU\Software\Ubisoft] [HKCU\Software\Unity] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Valve] [HKCU\Software\Virtools] [HKCU\Software\VirtuaMedia] [HKCU\Software\WinHTTrack Website Copier] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Winamp] [HKCU\Software\Xobni] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\ej-technologies] [HKCU\Software\illusion] [HKCU\Software\thriXXX] [HKCU\Software\yahooinstall] [HKLM\Software\ACE Compression Software] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AMD] [HKLM\Software\ANI] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe] [HKLM\Software\Alcohol Soft] [HKLM\Software\Alpha Networks] [HKLM\Software\AppDataLow] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Avery Dennison] [HKLM\Software\Avira] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Codemasters] [HKLM\Software\Conduit] [HKLM\Software\D-Link] [HKLM\Software\DirectShowFilters] [HKLM\Software\Electronic Arts] [HKLM\Software\Eset] [HKLM\Software\Even Balance] [HKLM\Software\FileZilla 3] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Inmatrix] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\KLCodecPack] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MiKit4] [HKLM\Software\Minnetonka Audio Software] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\PCTools] [HKLM\Software\PDFCreator] [HKLM\Software\Piriform] [HKLM\Software\PocketSoft] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RichFX] [HKLM\Software\S3R521] [HKLM\Software\SPsoft] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Sage] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\Sony Creative Software] [HKLM\Software\Synthetic Aperture] [HKLM\Software\Team17 Software Ltd.] [HKLM\Software\Torquemada Games] [HKLM\Software\Tracker Software] [HKLM\Software\TrendMicro] [HKLM\Software\UBISOFT] [HKLM\Software\Unity] [HKLM\Software\Valve] [HKLM\Software\Virtools] [HKLM\Software\Visicom Media] [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\WinHTTrack Website Copier] [HKLM\Software\WinRAR] [HKLM\Software\X-AVCSD] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\instinno] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers ProgramFiles/ProgramData (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\AGEIA Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\ANI O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update O43 - CFD:Common File Directory ----D- C:\Program Files\ATI O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies O43 - CFD:Common File Directory ----D- C:\Program Files\Avira O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5 O43 - CFD:Common File Directory ----D- C:\Program Files\Bing Bar Installer O43 - CFD:Common File Directory ----D- C:\Program Files\BitDefender O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour O43 - CFD:Common File Directory ----D- C:\Program Files\BoontyGames O43 - CFD:Common File Directory ----D- C:\Program Files\CD Audio Reader Filter O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files O43 - CFD:Common File Directory ----D- C:\Program Files\D-Link O43 - CFD:Common File Directory ----D- C:\Program Files\DScaler5 O43 - CFD:Common File Directory ----D- C:\Program Files\DSP-worx O43 - CFD:Common File Directory ----D- C:\Program Files\Electronic Arts O43 - CFD:Common File Directory ----D- C:\Program Files\ESET O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\Google O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard O43 - CFD:Common File Directory ----D- C:\Program Files\HP O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD:Common File Directory ----D- C:\Program Files\Intel O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer O43 - CFD:Common File Directory ----D- C:\Program Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft FrontPage O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Small Business O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild O43 - CFD:Common File Directory ----D- C:\Program Files\MSECache O43 - CFD:Common File Directory ----D- C:\Program Files\MSN Toolbar O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0 O43 - CFD:Common File Directory ----D- C:\Program Files\OpenAL O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime O43 - CFD:Common File Directory ----D- C:\Program Files\Real O43 - CFD:Common File Directory ----D- C:\Program Files\RealMedia O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies O43 - CFD:Common File Directory ----D- C:\Program Files\SEC O43 - CFD:Common File Directory ----D- C:\Program Files\SHOUTcast Source O43 - CFD:Common File Directory R---D- C:\Program Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\StoneTrip O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information O43 - CFD:Common File Directory ----D- C:\Program Files\Unity O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar O43 - CFD:Common File Directory ----D- C:\Program Files\Wipe O43 - CFD:Common File Directory ----D- C:\Program Files\xp-AntiSpy O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe AIR O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\BitDefender O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Control Panels O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Hewlett-Packard O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\HP O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LogiShrd O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Logitech O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Macrovision Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Steam O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared O43 - CFD:Common File Directory ----D- C:\ProgramData\3DVIA O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe O43 - CFD:Common File Directory ----D- C:\ProgramData\ALM O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple Computer O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data O43 - CFD:Common File Directory ----D- C:\ProgramData\ATI O43 - CFD:Common File Directory ----D- C:\ProgramData\Avery O43 - CFD:Common File Directory ----D- C:\ProgramData\Avira O43 - CFD:Common File Directory ----D- C:\ProgramData\Azureus O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Bureau O43 - CFD:Common File Directory ----D- C:\ProgramData\CCP O43 - CFD:Common File Directory ----D- C:\ProgramData\Ciel O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents O43 - CFD:Common File Directory ----D- C:\ProgramData\Electronic Arts O43 - CFD:Common File Directory ----D- C:\ProgramData\EmailNotifier O43 - CFD:Common File Directory ----D- C:\ProgramData\eMule O43 - CFD:Common File Directory ----D- C:\ProgramData\F-Secure O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favoris O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites O43 - CFD:Common File Directory ----D- C:\ProgramData\FLEXnet O43 - CFD:Common File Directory ----D- C:\ProgramData\Google Updater O43 - CFD:Common File Directory ----D- C:\ProgramData\HP O43 - CFD:Common File Directory ----D- C:\ProgramData\HP Product Assistant O43 - CFD:Common File Directory ----D- C:\ProgramData\Logishrd O43 - CFD:Common File Directory ----D- C:\ProgramData\Logitech O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes O43 - CFD:Common File Directory ----D- C:\ProgramData\Media Center Programs O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD:Common File Directory ----D- C:\ProgramData\Micro Application O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Modèles O43 - CFD:Common File Directory ----D- C:\ProgramData\PopCap Games O43 - CFD:Common File Directory ----D- C:\ProgramData\Real O43 - CFD:Common File Directory ----D- C:\ProgramData\Skype O43 - CFD:Common File Directory ----D- C:\ProgramData\Spybot - Search & Destroy O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates O43 - CFD:Common File Directory ----D- C:\ProgramData\TVU Networks O43 - CFD:Common File Directory ----D- C:\ProgramData\WEBREG O43 - CFD:Common File Directory ----D- C:\ProgramData\WindowsSearch O43 - CFD:Common File Directory ----D- C:\ProgramData\WLInstaller O43 - CFD:Common File Directory ----D- C:\ProgramData\Zoom Player O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe AIR O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\BitDefender O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Control Panels O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Hewlett-Packard O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\HP O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LogiShrd O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Logitech O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Macrovision Shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Skype O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Steam O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.00000000000000000000000000000000] - 08/01/2023 - 23:24:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\sptd.sys [717296] O44 - LFC:[MD5.FCBBFF16A21AC38D2708B26443633436] - 25/10/2010 - 06:49:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [6144] O44 - LFC:[MD5.E139F71788ECCE4B18AE3D0F43F61707] - 25/10/2010 - 06:49:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [4222980] O44 - LFC:[MD5.CBC45CDBD394BB21FF53C8BE4B47AA56] - 25/10/2010 - 06:49:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [4769972] O44 - LFC:[MD5.AE904B3D445332D7A26DEC559BDAD498] - 25/10/2010 - 06:49:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [4943320] O44 - LFC:[MD5.2132F97E666C89FCCC163A3C3F7C334B] - 25/10/2010 - 06:49:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [14290376] O44 - LFC:[MD5.409AD3DB339B228B368C00BDE78D5111] - 25/10/2010 - 06:42:28 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.95D277463DF3BC047B60CC3268B24E45] - 25/10/2010 - 06:42:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [298] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/10/2010 - 06:42:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\lvuvc.hs [0] O44 - LFC:[MD5.00000000000000000000000000000000] - 24/10/2010 - 20:15:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [136325] O44 - LFC:[MD5.2A5D9595FE807EB34F9C4D603D381763] - 24/10/2010 - 19:44:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\defltbase.sdb [1056768] O44 - LFC:[MD5.F9272665FC547E6966FC0BBFA9D7F0CD] - 23/10/2010 - 21:21:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TCleaner.txt [983] O44 - LFC:[MD5.03275215C22BC6831AC64DE3707B63A6] - 23/10/2010 - 21:01:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [1859536] O44 - LFC:[MD5.C99CB19222E8A1EE0F3CD23298AFF49E] - 22/10/2010 - 11:33:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\TDSSKiller.2.4.4.0_22.10.2010_12.27.44_log.txt [58366] O44 - LFC:[MD5.F21E01B5F82EA3BFCDD206EF29E5E019] - 21/10/2010 - 18:00:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\wininit.ini [118] O44 - LFC:[MD5.E4F856D2E8DE64B5B099E1A59AAD25A1] - 03/10/2010 - 18:34:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ControlSubX.ocx [24576] O44 - LFC:[MD5.944418C4D8FE165A45FFDEF408B3EDF1] - 03/10/2010 - 18:34:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PropertyGrid.ocx [364544] O44 - LFC:[MD5.54993305992877F9515D01CDC6BEE4C9] - 03/10/2010 - 18:34:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ReyXpBasics.tlb [208500] O44 - LFC:[MD5.2A500768B4781AAC5F91F6217F80EC1C] - 01/10/2010 - 14:20:50 ---A- . (.FLV.com - Free FLV Converter - Tube Finder.) -- C:\Windows\System32\TubeFinder.exe [307200] O44 - LFC:[MD5.00000000000000000000000000000000] - 23/09/2143 - 12:03:28 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [3616] O44 - LFC:[MD5.00000000000000000000000000000000] - 23/09/2143 - 12:03:28 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [3616] ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\divx.dll O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\System32\yv12vfw.dll O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\lameACM.acm O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"divx.dll"="DivX 6.8.5" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.2.1" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ---\\ Liste des Drivers Système (SDL) (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys O58 - SDL:[MD5.A3387B24D17A68FA12A9282481CE6EEC] - 14/01/2009 - 08:15:40 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys O58 - SDL:[MD5.F9C24D25D9FF29F894995A64812B4D85] - 04/03/2009 - 12:33:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\atksgt.sys O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 10/12/2009 - 19:39:02 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys O58 - SDL:[MD5.AD9BD66A862116E79CB45BB6BE46055F] - 30/03/2009 - 09:32:47 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys O58 - SDL:[MD5.C6644D1A70C050FDD7ECBE8C3AC05313] - 02/04/2002 - 16:30:16 ---A- . (.Colorvision Inc - cvspydr2 Driver.) -- C:\Windows\system32\drivers\cvspydr2.sys O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys O58 - SDL:[MD5.908ED85B7806E8AF3AF5E9B74F7809D4] - 21/01/2008 - 03:23:25 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\e1e6032.sys O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys O58 - SDL:[MD5.D1968DEA7BAFF4A917858C384339CEC8] - 29/02/2008 - 02:12:48 ---A- . (.Logitech, Inc. - Logitech PS2 Keyboard Filter Driver..) -- C:\Windows\system32\drivers\L8042Kbd.sys O58 - SDL:[MD5.D6FC755FF505D99E6CC73E83492310DF] - 29/02/2008 - 02:12:56 ---A- . (.Logitech, Inc. - Logitech PS/2 Mouse Filter Driver..) -- C:\Windows\system32\drivers\L8042mou.Sys O58 - SDL:[MD5.24E0DDB99AECCF86BB37702611761459] - 29/02/2008 - 02:13:16 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys O58 - SDL:[MD5.8CCF9ED46D52AF1375875F74A91FFACF] - 04/03/2009 - 12:33:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\lirsgt.sys O58 - SDL:[MD5.D58B330D318361A66A9FE60D7C9B4951] - 29/02/2008 - 02:13:24 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys O58 - SDL:[MD5.C149BDAD13194DF16EA33F9F601ED7BF] - 29/02/2008 - 02:13:36 ---A- . (.Logitech, Inc. - Logitech Filter Driver for Mouse Class..) -- C:\Windows\system32\drivers\LMouKE.Sys O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys O58 - SDL:[MD5.A6919138F29AE45E90E99FA94737E04C] - 26/07/2008 - 07:25:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\LVPr2Mon.sys O58 - SDL:[MD5.B895839B8743E400D7C7DAE156F74E7E] - 26/07/2008 - 16:25:46 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs.sys O58 - SDL:[MD5.23F8EF78BB9553E465A476F3CEE5CA18] - 26/07/2008 - 16:26:20 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBSta.sys O58 - SDL:[MD5.8BC0D5F6E3898F465A94C6D03AFB5A20] - 26/07/2008 - 16:26:42 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\system32\drivers\lvuvc.sys O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys O58 - SDL:[MD5.7ACAE9601B3EB413F8BF5C90A77A6848] - 28/08/2006 - 16:12:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\MTictwl.sys O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys O58 - SDL:[MD5.C3E33580A3A85BE28612B83D0C321E20] - 09/05/2010 - 19:18:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\PnkBstrK.sys O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys O58 - SDL:[MD5.6DE7A483204CA5A57B672DCB25716361] - 12/12/2006 - 13:38:12 ---A- . (.Ralink Technology Inc. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\system32\drivers\rt61.sys O58 - SDL:[MD5.5D26CCB06E1F3B5C26E863DF3F4F2611] - 03/07/2008 - 16:03:48 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys O58 - SDL:[MD5.ABBE0F54BA3A378262C9CB86CF7D91F8] - 07/04/2008 - 09:24:08 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys O58 - SDL:[MD5.00000000000000000000000000000000] - 21/04/2009 - 02:56:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 19/07/2009 - 12:39:30 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS ---\\ Liste des outils de nettoyage (LATC) (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: ToolsCleaner - (.A.Rothstein & dj QUIOU.) ---\\ Liste des services Legacy (LALS) (O64) O64 - Services: CurCS - (.not file.) - 2c529c81 (2c529c81) .(.Pas de propriétaire - Pas de description.) - LEGACY_2C529C81 O64 - Services: CurCS - (.not file.) - 4156a200 (4156a200) .(.Pas de propriétaire - Pas de description.) - LEGACY_4156A200 O64 - Services: CurCS - (.not file.) - 48ec9789 (48ec9789) .(.Pas de propriétaire - Pas de description.) - LEGACY_48EC9789 O64 - Services: CurCS - (.not file.) - 4e245c44 (4e245c44) .(.Pas de propriétaire - Pas de description.) - LEGACY_4E245C44 O64 - Services: CurCS - (.not file.) - 84ec80b1 (84ec80b1) .(.Pas de propriétaire - Pas de description.) - LEGACY_84EC80B1 O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\atksgt.sys - atksgt (atksgt) .(.Pas de propriétaire - Pas de description.) - LEGACY_ATKSGT O64 - Services: CurCS - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - (.not file.) - bd4108ee (bd4108ee) .(.Pas de propriétaire - Pas de description.) - LEGACY_BD4108EE O64 - Services: CurCS - (.not file.) - BDFM (bdfm) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFM O64 - Services: CurCS - (.not file.) - bdfsfltr (bdfsfltr) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFSFLTR O64 - Services: CurCS - (.not file.) - bdftdif (bdftdif) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDFTDIF O64 - Services: CurCS - (.not file.) - BDSelfPr (BDSelfPr) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDSELFPR O64 - Services: CurCS - (.not file.) - BDVEDISK (BDVEDISK) .(.Pas de propriétaire - Pas de description.) - LEGACY_BDVEDISK O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP O64 - Services: CurCS - C:\Windows\system32\DRIVERS\bowser.sys - Bowser (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER O64 - Services: CurCS - (.not file.) - c4c51768 (c4c51768) .(.Pas de propriétaire - Pas de description.) - LEGACY_C4C51768 O64 - Services: CurCS - (.not file.) - c5843a35 (c5843a35) .(.Pas de propriétaire - Pas de description.) - LEGACY_C5843A35 O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - C:\Windows\system32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - C:\Windows\system32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK O64 - Services: CurCS - (.not file.) - d6460b6b (d6460b6b) .(.Pas de propriétaire - Pas de description.) - LEGACY_D6460B6B O64 - Services: CurCS - (.not file.) - d85a1120 (d85a1120) .(.Pas de propriétaire - Pas de description.) - LEGACY_D85A1120 O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - (.not file.) - e18fd2db (e18fd2db) .(.Pas de propriétaire - Pas de description.) - LEGACY_E18FD2DB O64 - Services: CurCS - (.not file.) - ef257880 (ef257880) .(.Pas de propriétaire - Pas de description.) - LEGACY_EF257880 O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC O64 - Services: CurCS - C:\Windows\system32\drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - (.not file.) - klmd25 (klmd25) .(.Pas de propriétaire - Pas de description.) - LEGACY_KLMD25 O64 - Services: CurCS - C:\Windows\system32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lirsgt.sys - lirsgt (lirsgt) .(.Pas de propriétaire - Pas de description.) - LEGACY_LIRSGT O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_LVPR2MON O64 - Services: CurCS - C:\Windows\system32\drivers\MTiCtwl.sys - MagicTune (MagicTune) .(.Pas de propriétaire - Pas de description.) - LEGACY_MAGICTUNE O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10 O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20 O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS O64 - Services: CurCS - C:\Windows\system32\drivers\msisadrv.sys - Pilote de classe ISA/EISA (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - C:\Windows\system32\Drivers\mup.sys - Mup (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - C:\Windows\system32\DRIVERS\nwifi.sys - Filtre NativeWiFi (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - (.not file.) - NCPro (NCPro) .(.Pas de propriétaire - Pas de description.) - LEGACY_NCPRO O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NETBT (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL O64 - Services: CurCS - C:\Windows\system32\DRIVERS\parvdm.sys - Parvdm (Parvdm) .(.Microsoft Corporation - Pilote parallèle VDM.) - LEGACY_PARVDM O64 - Services: CurCS - C:\Windows\system32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys (.not file.) - Profos (Profos) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROFOS O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - C:\Windows\system32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR O64 - Services: CurCS - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - srv (srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv2.sys - srv2 (srv2) .(.Microsoft Corporation - Smb 2.0 Server driver.) - LEGACY_SRV2 O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - C:\Windows\system32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (.not file.) - Trufos (Trufos) .(.Pas de propriétaire - Pas de description.) - LEGACY_TRUFOS O64 - Services: CurCS - C:\Windows\system32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX O64 - Services: CurCS - C:\Windows\system32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARPV6 O64 - Services: CurCS - C:\Windows\system32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000 ---\\ Observateur d'évènement d'application (OEA) (O66) O66 - EventLog: ID=482 (ESENT) - (.Pas de propriétaire - Pas de description.) -- C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\tools\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\tools\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS3.) -- C:\tools\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\tools\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {8E02D41C-5924-4816-9490-33CCD28BEB72} [DefaultScope] - (Yahoo! Search) - Yahoo! Search - Recherche Web ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover Run by Nicolas at 25/10/2010 07:50:30 device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x865AF1F8]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\atapi -> 0x865af1f8 IoDeviceObjectType -> DumpProcedure -> 0xec7d8d32 \Device\Harddisk0\DR0 -> DumpProcedure -> 0xec7d8d32 Warning: possible MBR rootkit infection ! user & kernel MBR OK Use "Recovery Console" command "fixmbr" to clear infection ! Use "ZHPFix" command "MBRFix" to clear infection ! Message: Certains émulateurs de CD/DVD peuvent hooker le pilote atapi de façon légitime. Voici quelques émulateurs : Message: Alcohol xx%, CDSpace, Circle Virtual CD, CloneCD, Daemon Tools, Virtual CloneDrive, Virtual CD, VirtualDrive, WinCDEmu,... ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) MBRCheck, version 1.2.3 by ad13, kstog Run by Nicolas at 25/10/2010 07:50:32 Dump file Name : C:\tools\ZHPDiag\MBRDump_10-25-10_07-50-33_PhysicalDrive0.bin ---\\ Recherche des services démarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [247296] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [125952] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242688] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1929952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247296] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [111616] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [45056] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [153088] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [162304] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [595456] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\system32\sessenv.dll [84992] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [68096] ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 19/07/2009 108289 | C:\Program Files\Avira\AntiVir Desktop\sched.exe (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 18/08/2009 185089 | C:\Program Files\Avira\AntiVir Desktop\avguard.exe (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 14/01/2009 729088 | C:\Windows\system32\Ati2evxx.exe (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe SR - | Auto 28/02/2006 229376 | C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SS - | Demand 22/10/2009 654848 | C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Auto 21/04/2009 133104 | C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate1c9c2b31153e2b1) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Auto 21/04/2009 183280 | C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 21/01/2008 21504 | C:\tools\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe SR - | Auto 21/01/2008 21504 | C:\tools\HP\Digital Imaging\bin\HPSLPSVC32.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe SS - | Demand 14/11/2005 69632 | C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe SS - | Demand 02/05/2008 121360 | C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe SR - | Auto 26/07/2008 186904 | C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (LVCOMSer) . (.Logitech Inc..) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe SR - | Auto 26/07/2008 150040 | C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (LVPrcSrv) . (.Logitech Inc..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 20/10/2008 71096 | C:\tools\CDBurnerXP\NMSAccessU.exe (NMSAccessU) . (.Pas de propriétaire.) - C:\tools\CDBurnerXP\NMSAccessU.exe SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 09/05/2010 66872 | C:\Windows\system32\PnkBstrA.exe (PnkBstrA) . (.Pas de propriétaire.) - C:\Windows\system32\PnkBstrA.exe SR - | Auto 09/05/2010 107832 | C:\Windows\system32\PnkBstrB.exe (PnkBstrB) . (.Pas de propriétaire.) - C:\Windows\system32\PnkBstrB.exe SR - | Auto 28/05/2007 275968 | C:\tools\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWindServiceAE) . (.Rocket Division Software.) - C:\tools\Alcohol 52\StarWind\StarWindServiceAE.exe SR - | Demand 07/10/2010 411432 | C:\Program Files\Common Files\Steam\SteamService.exe (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe End of the scan (1201 lines in 01mn 22s)(0)

Après avoir été infecté par ThinkPoint: http://forum.zebulon.fr/nettoyage-microsoft-thinkpoint-t180284.html J'ai effectué plusieurs opérations: MBAM Spybot Glary utilities Et j'ai plusieurs problèmes: Quand j'essaye d'ouvrir un fichier powerpoint, windows affiche un message: Et, en essayant d'ouvrir beaucoup d'exécutables, windows affiche: (Évidemment les fichiers existent) Je ne sais pas d'où vient ces problèmes, je me demande si les droits de mon compte Windows n'ont pas été modifiés. De plus, Spybot détecte toujours un malware: S'il-vous-plaît, j'ai vraiment besoin d'un coup de main sur ce coup...

Le truc, c'est qu'à chaque fois que je scanne avec Spybot, il détecte un malware: Et corriger le problème ne semble pas être efficace...

Après une recherche sur le forum, j'ai vu un ancien post... Je suis donc les instructions: Rapport MBAM : Rapport TDSSKiller :

J'ai essayé de faire une restauration système. Au redémarrage, il m'indique qu'il ne peut pas lancer le module car il n'est pas autorisé...

De plus, à chaque démarrage, j'ai ce message qui apparait: Le fichier existe, j'ai vérifié... Mon compte est en administrateur.

Bonjour, Hier, j'ai été infecté par le malware Thinkpoint. Pour info, il empêche l'affichage de windows en se lançant au chargement et en empêchant le lancement de Explorer.exe. Quand on arrête le processus coupable "hotfix", l'écran reste noir en mode normal ou sans échec. Impossbile de lancer explorer à partir du gestionnaire des taches, il me dit qu'il n'arrive pas à le trouver. La restauration de la dernière bonne configuration ne marchait pas non-plus. La solution que j'ai trouvé est de lancer le mode sans échec avec invite de commande. Lancer "malware bytes" et "antivir" à partir de l'invite de commande, puis de lancer explorer.exe. J'ai supprimé "hotfix.exe" manuellement car les différents logiciels n'avaient pas l'air de le détecter. Maintenant, j'ai passé plusieurs fois "malware bytes" et "antivir" et ils trouvent à chaque fois des fichiers infectés. De plus, mon PC souffre de lenteurs. Je ne sais pas quoi faire pour désinfecter ma machine, please help! Voici mon rapport hijack this:

Bonjour, Voici le rapport: Merci!

Bonjour, Mon PC étant lent sur Internet, je me demande s'il n'y a pas des programmes qui me ralentissent. J'ai effectué le nettoyage pré-demande (CCleaner, Wipe, MalwareByte, Antivir, Spybot) et rien n'a changé, ni été détecté... Pourriez-vous m'aider? Merci!