stadeverois

A l'installation j'obtiens le message d'erreur suivant: ".NET n'a pas été installé car: impossible d'accéder au service windows installer. Ceci peut se produire si vous exécutez windows en mode sans échec. Contactez votre seervice technique pour assistance. etc..." Il y a bien un fichier journal qui en dit plus mais il est tellement long que je ne puis le poster ici. Que faire ? Bon, voici la suite... Intrigué j'ai fais une recherche de Windows Installer. V3 installée et depuis .NET s'est installé ! Lancement de win Update et là certaines maj s'installent d'autres non (maj de sécurité pour .NET V.4). Il faut dire que je n'ai rebooté qu'une fois après l'install de Win Installer. La suite au prochain numéro car là il se fait tard. Si vous avez une idée ou une soluce à proposer elle est bienvenue ! Ha j'oubliais, depuis que j'ai réinstaller win inst. mon soft pro s'est également installé correctement. On entrevoit le bout du tunnel...

Avant de supprimer le "client profile" on me demande de supprimer "extended". Mais cela ne fonctionne pas (message d'erreur: ...ne peut accèder à MSI installer). Avec le cleanup tool cela a fonctionné pour toutes les versions. Lorsque je lance windows update, la seule maj prioritaire est pour office 2007 mais elle ne s'installe pas (échec). Les maj .NET sont "facultatives". Puis-je tenter d'installer la V.4 sans mettre les V.1 à 3.5 auparavant ?

D'abord un petit mot pour vous dire que les 2 liens ne fonctionnaient pas pour WinUpdatefix ! Mai j'ai trouvé en cherchant sur google. Procédure suivie comme expliqué mais toujours impossible d'installer les Maj windows. Voici le rapport winupdatefix: WinUpdateFix v1.3 - Rapport créé le 02/09/2011 à 16:42 Mis à jour le 06/02/11 à 20h par Xplode Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3 Nom d'utilisateur : mvh - POR-MVH (Administrateur) Exécuté depuis : C:\Documents and Settings\mvh\Mes documents\Downloads\winupdatefix.exe ~~~~~ Windows Update ~~~~~ Paramètres du centre de sécurité : Les mises à jour automatiques sont activées et sont installées automatiquement. Dernière recherche effectuée le : 2011-09-02 à 10:18:15 Dernier téléchargement effectué le : 2011-09-02 à 10:51:29 Dernière installation effectuée le : 2011-09-02 à 07:10:04 ~~~~~ Services ~~~~~~ [Mises à jour automatiques] Nom du service : Wuauserv Etat : Démarré Statut : Automatique [service de transfert intelligent en arrière-plan] Nom du service : BITS Etat : Démarré Statut : Automatique [service de cryptographie] Nom du service : CryptSvc Etat : Démarré Statut : Automatique ~~~~~ Proxy ~~~~~~ [HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings] ProxyEnable = 0 ... OK ! ~~~~~ Hijack.NoWindowsUpdate ~~~~~ [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] ... OK ! ########## EOF - "C:\WinUpdateFix.txt" - [1348 octets] ########## Et voici le message après tentative d'installation des maj: Les mises à jour suivantes n'ont pas été installées: Mise à jour de sécurité pour Microsoft .NET Framework version 4 sous Windows XP, Windows Server 2003, Windows Vista, Windows 7 et Windows Server 2008 x86 (KB2539636) Mise à jour de sécurité pour Microsoft .NET Framework version 4 sous Windows XP, Windows Server 2003, Windows Vista, Windows 7 et Windows Server 2008 x86 (KB2487367) Mise à jour pour le filtre de courrier indésirable d'Outlook 2007 (KB2586924) Mise à jour de sécurité pour Microsoft .NET Framework 2.0 SP2 sous Windows Server 2003 et Windows XP x86 (KB2539631) Je vais essayer de relancer Winupdatefix en cochant toutes les options et redémarrer ensuite pour voir si cela change qqchose.

Merci pour votre réponse et votre aide. La machine ne va ni mieux ni moins bien. La maj de mon soft ne va toujours pas et les maj windows update non plus (échec à l'installation dans tous les cas). Je tente en ce moment une analyse complète du pc avec McAfee afin de voir s'il bloque ou se désactive à un moment donné comme ce fut le cas avant votre "intervention". Ca sera un peu long donc je reviendrai vers vous dès que j'ai un résultat de ce côté. J'espère qu'il n'y a pas de fichiers corrompus ou manquants, voir la base de registre corrompue...

Voici le rapport ZHPFix après nettoyage (sans redémarrage demandé): Rapport de ZHPFix 1.12.3360 par Nicolas Coolman, Update du 29/08/2011 Fichier d'export Registre : Run by mvh at 1/09/2011 20:29:24 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Processus mémoire ========== SUPPRIME Memory Process: C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe ========== Clé(s) du Registre ========== SUPPRIME Key: CLSID BHO: {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} SUPPRIME Key: HKCU\Software\Zugo SUPPRIME Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E} SUPPRIME Key: CLSID Extra Buttons: {36ECAF82-3300-8F84-092E-AFF36D6C7040} SUPPRIME Key: CLSID DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} SUPPRIME Key: HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581} SUPPRIME Key: HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839} SUPPRIME Key: HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F} SUPPRIME Key: Service: Lavasoft Ad-Aware Service ========== Valeur(s) du Registre ========== SUPPRIME Toolbar: {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} ========== Dossier(s) ========== SUPPRIME Folder: C:\Documents and Settings\mvh\Application Data\e ========== Fichier(s) ========== SUPPRIME File: c:\program files\tracker software\pdf-xchange 4\pxcieaddin4.dll ABSENT File: c:\program files\tracker software\pdf-xchange 4\pxcieaddin4.dll ABSENT Folder/File: c:\documents and settings\mvh\application data\mozilla\firefox\profiles\tcbe9daq.default\user.js (.not file.) => fichier absent SUPPRIME File: c:\program files\winhttrack\winhttrackiebar.dll SUPPRIME File**: c:\program files\lavasoft\ad-aware\ad-awareadmin.exe SUPPRIME File: c:\program files\lavasoft\ad-aware\aawservice.exe ========== Tache planifiée ========== SUPPRIME Task: Ad-Aware Update (Weekly) SUPPRIME Task: One-Click Tweak

Voici le même rapport (complet) après avoir décoché le 056 Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011 Run by mvh at 1/09/2011 18:44:19 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 (Defaut) MFIE: Mozilla Firefox 4.0.1 v4.0.1 ---\\ Windows Product Information Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ System Information ~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3066 MB (69% free) System Restore: Activé (Enable) System drive C: has 5 GB (10%) free of 49 GB ---\\ Logged in mode ~ Computer Name: POR-MVH ~ User Name: mvh ~ All Users Names: SUPPORT_388945a0, mvh, mcu, HelpAssistant, ASPNET, Administrateur, ~ Unselected Option: O45,O56,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Documents and Settings\mvh\Application Data\ ~ %Desktop% : C:\Documents and Settings\mvh\Bureau\ ~ %Favorites% : C:\Documents and Settings\mvh\Favoris\ ~ %LocalAppData% : C:\Documents and Settings\mvh\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\mvh\Menu Démarrer\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 49 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 56 Go of 249 Go) E:\ CD-ROM drive (Not Inserted) Z:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.1/09/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.1/09/2011 - 10:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 9/553 ~ Mes musiques (My Musics) : 1/2 ~ Mes Videos (My Videos) : 2/11 ~ Mes Favoris (My Favorites) : 3/207 ~ Mes Documents (My Documents) : 52/1982 ~ Mon Bureau (My Desktop) : 1/60 ~ Menu demarrer (Programs) : 5/46 ~ Scan Hidden Files in 00mn 00s ---\\ Processus lancés [MD5.AB6A44C8A3C64AC89567784145910F49] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [532480] [PID.] [MD5.2CCCD74F69473B60CB904DC466077AC0] - (.Zetes - Belgium Identity Card Service.) -- C:\WINDOWS\system32\beidservicepcsc.exe [331776] [PID.] [MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.] [MD5.0EA695F38FD27DBE53F3D88C3A0F88DC] - (.Mediafour Corporation - MacDrive service.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [131584] [PID.] [MD5.37036C07983EF1024B2FF3C28AAE5700] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [366640] [PID.] [MD5.7E6932EEDA54C8EAF7DC6C2225261B85] - (.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe [214904] [PID.] [MD5.6991A9EA5E74E6035B8DAB17A7572CF3] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe [148520] [PID.] [MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.] [MD5.F1519E42A9CBAC4638CF6C1BFBBD367E] - (.Nitro PDF Software - Solid Spool Service.) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [196928] [PID.] [MD5.1E38790BDEA07472C4B16ADD469E9912] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\WINDOWS\system32\NLSSRV32.EXE [68928] [PID.] [MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\WINDOWS\system32\IoctlSvc.exe [81920] [PID.] [MD5.64E413BA0C529AA40C3924BBCC4153DB] - (.Pas de propriétaire - nTitles PSIService.) -- C:\WINDOWS\system32\PSIService.exe [174656] [PID.] [MD5.543A4EF0923BF70D126625B034EF25AF] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe [189728] [PID.] [MD5.2E7315B147E524E055026E6634B14EA6] - (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [128360] [PID.] [MD5.29C45F29E6B60BBF554DD89E499D384E] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe [165000] [PID.] [MD5.A2E16406728BE43076473A99C2F13678] - (.McAfee, Inc. - McAfee Core Firewall Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe [159832] [PID.] [MD5.FEAE215A64318D84A2077E105D27DC0B] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16859136] [PID.3564] [MD5.0D034E8C4F88C5B2B0C1AF3CF438CC4F] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [86016] [PID.3576] [MD5.10BAE7A1B4027833428220391EACAE49] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1105920] [PID.3616] [MD5.A528A87BF0CFF1BCA1AD2AB70B4B5CFD] - (.Wistron - HotkeyApp.) -- C:\Program Files\Launch Manager\HotkeyApp.exe [192512] [PID.3624] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792] [PID.3672] [MD5.02095B7B324A2D19AF30A23796E2A13F] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe [1312384] [PID.3688] [MD5.CDE36A1A95BB1F9CF77C03B9E01EDE8B] - (.Mediafour Corporation - MacDrive application.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe [167936] [PID.3804] [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.3924] [MD5.33BFCE71F407F24E5DFDB7DD46CE2D6D] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [449584] [PID.3932] [MD5.EB2CC7A2441AA4477BCE761800168CCC] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [1840424] [PID.3956] [MD5.B0E6FAA0F0EAD4772C545A3737EFB47F] - (.Wistron Corp. - Pas de description.) -- C:\Program Files\Launch Manager\WisLMSvc.exe [118784] [PID.] [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.3976] [MD5.62F68443D244024845B875B44D76A92F] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [537896] [PID.] [MD5.469922A70BA4F71F7D7582ED1E58ED80] - (.Two_toNe - Customize Taskbar Ver1.2.0.) -- D:\TClock\Tclock2_120fr\Tclock2_120fr\tclock2.exe [90624] [PID.2908] [MD5.BE11DA966D6FC74F2137306FB260F6A4] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [1017912] [PID.412] [MD5.A1F15ABE56BE5B7D7778221A1567231B] - (.Corel - Standby service.) -- C:\Program Files\Fichiers communs\Corel\Standby\Standby.exe [105632] [PID.1668] [MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [669696] [PID.2516] [MD5.67949CC8A865296C1333C96A4E1A2D66] - (.Microsoft Corporation - Serveur de gestion de ressources des cartes.) -- C:\WINDOWS\System32\SCardSvr.exe [100352] [PID.] [MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.] ~ Scan Processes Running in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G0 - GCSP: Preference [user Data\Default] Google ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\mvh\Application Data\Mozilla\Firefox\Profiles\tcbe9daq.default\prefs.js C:\Documents and Settings\mvh\Application Data\Mozilla\Firefox\Profiles\tcbe9daq.default\user.js (.not file.) M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [mvh - tcbe9daq.default] Google M2 - MFEP: prefs.js [mvh - tcbe9daq.default\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}] [] iMacros for Firefox v7.2.2.0 (.iMacros Team, iOpus Software GmbH.) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- c:\progra~1\mcafee\msc\npmcsn~1.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@rayv.com/rayvplugin] - (.RayV - RayV Plugin.) -- C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (...) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll (.not file.) P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing R1 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\Software\Microsoft\Internet Explorer\Main,Search Page = R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} . (.Tracker Softaware - Pas de description.) -- C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20110721222730.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\Windo O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: PDFXChange 4.0 IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} . (.Tracker Softaware - Pas de description.) -- C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe O4 - HKLM\..\Run: [soundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe O4 - HKLM\..\Run: [AlcWzrd] . (.RealTek Semicoductor Corp. - RealTek AlcWzrd Application.) -- C:\WINDOWS\ALCWZRD.exe O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HotkeyApp] . (.Wistron - HotkeyApp.) -- C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [iTSecMng] . (. TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] . (.Adobe Systems Incorporated - Adobe CS4 Service Manager.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] bthprops.cpl O4 - HKLM\..\Run: [standby] . (.Corel - Standby service.) -- c:\Program Files\Fichiers communs\Corel\Standby\Standby.exe O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [MacDrive 8 application] . (.Mediafour Corporation - MacDrive application.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe O4 - HKLM\..\Run: [Getting started with MacDrive 8] . (.Mediafour Corporation - Get Started with MacDrive.) -- C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe (.not file.) O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe (.not file.) O4 - HKLM\..\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe (.not file.) O4 - HKLM\..\Run: [beidsystemtray] . (.Zetes - beidsystemtray.) -- C:\Program Files\Belgium Identity Card\beidsystemtray.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Bridge CS4.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Device Central CS4.lnk . (.Adobe Systems.) -- C:\Program Files\Adobe\Adobe Device Central CS4\DeviceCentral.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Dreamweaver CS4.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Drive CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Fichiers communs\Adobe\Adobe Drive CS4\ConnectUI\Adobe Drive CS4.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe ExtendScript Toolkit CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit CS4\ExtendScript Toolkit.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Extension Manager CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe Extension Manager CS4\Adobe Extension Manager CS4.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Flash CS4 Professional.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files\Adobe\Adobe Flash CS4\Flash.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Help.lnk . (...) -- C:\Program Files\Adobe\Adobe Help\Adobe Help.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Media Encoder CS4.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Adobe Media Encoder CS4\Adobe Media Encoder.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop CS4.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop Lightroom 2.7.lnk . (.Adobe Systems.) -- C:\Program Files\Adobe\Adobe Photoshop Lightroom 2.7\lightroom.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Pixel Bender Toolkit.lnk . (...) -- C:\Program Files\Adobe\Adobe Utilities\Pixel Bender Toolkit\pixel_bender_toolkit.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Nitro PDF Professional.lnk . (...) -- C:\WINDOWS\Installer\{19DCEAAA-AC36-4C34-B1D5-5B94BF6E4BC6}\Professional.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Open Cellar Home Edition 1.2.lnk . (...) -- C:\WINDOWS\Installer\{1F0944C8-C099-4E12-8F0C-617316731B58}\_18be6784.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Sudoku Up.lnk . (...) -- C:\Program Files\Sudoku Up\SudokuUp.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Live ID.lnk . (.Microsoft Corporation.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe O8 - Extra context menu item: Sothink SWF Catcher . (...) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} . (.Pas de propriétaire - WinHTTrackIEBar Module.) -- C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Launch WinHTTrack - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} . (.SourceTec - Sothink SWF Catcher.) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\SWFCatcher.dll O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.SourceTec - Sothink SWF Catcher.) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\SWFCatcher.dll O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.mypix.com/be/fr/fw_model/domain/library/aurigma/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232811232187 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232999836765 O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://ccff02.minfin.fgov.be/CCFF_Authentication/views/login/signature/capicom.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer = 192.168.2.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} . (.McAfee, Inc. - McAfee MSC IE plugin DLL.) -- c:\progra~1\mcafee\msc\mcsniepl.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (...) -- C:\WINDOWS\system32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Scan Winlogon in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: eID CRL Service (eID CRL Service) . (. Zetes - Belgium Identity Card CRL Service.) - C:\WINDOWS\system32\beidservicecrl.exe O23 - Service: eID Privacy Service (eID Privacy Service) . (.Zetes - Belgium Identity Card Service.) - C:\WINDOWS\system32\beidservicepcsc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MacDrive 8 service (MacDrive8Service) . (.Mediafour Corporation - MacDrive service.) - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) . (.Nitro PDF Software - Solid Spool Service.) - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe O23 - Service: NLS Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\WINDOWS\system32\NLSSRV32.exe O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: ProtexisLicensing (ProtexisLicensing) . (.Pas de propriétaire - nTitles PSIService.) - C:\WINDOWS\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006Core.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006UA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OGALogon.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\One-Click Tweak.job [MD5.1DDB6CA106D92FBB7E2138DF1360EC26] [APT] [Ad-Aware Update (Weekly)] (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006Core] (.Google Inc..) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006UA] (.Google Inc..) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [OGALogon] (...) -- C:\WINDOWS\system32\OGAexeC.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [One-Click Tweak] (...) -- C:\Program Files\Advanced PC Tweaker\OneClick.exe (.not file.) ~ Scan Scheduled Task in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (AmdK7) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\amdk7.sys O41 - Driver: (CBDisk) . (.EldoS Corporation - CallbackDisk Virtual Storage Driver.) - C:\WINDOWS\system32\drivers\CBDisk.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: McAfee Inc. mfetdi2k (mfetdi2k) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\WINDOWS\system32\drivers\mfetdi2k.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\system32\DRIVERS\wmiacpi.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8} O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O42 - Logiciel: Adobe Dreamweaver CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_acce07fd2c8fe7f9e3f26243e626578 O42 - Logiciel: Adobe Flash CS4 Professional - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_a68eec966ce913ddaa63251dc82ed31 O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_faf656ef605427ee2f42989c3ad31b8 O42 - Logiciel: Autopano Giga - (.Kolor.) [HKLM] -- Autopano Giga O42 - Logiciel: BIS TV Viewer - (.RayV.) [HKLM] -- RayV O42 - Logiciel: Belgium Identity Card Run-time 2.6 - (.Fedict.) [HKLM] -- InstallShield_{EA248851-A7D5-4906-8C46-A3CA267F6A24} O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent O42 - Logiciel: Capturino V2 - (.Pas de propriétaire.) [HKCU] -- Capturino V2 O42 - Logiciel: ColorPic - (.Iconico.) [HKLM] -- ColorPic O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- _{72DB27D3-FE05-4227-AF5A-11CD101ECF09} O42 - Logiciel: Corel PaintShop Photo Pro X3 - (.Corel Corporation.) [HKLM] -- _{D1AEB5DB-04FA-489D-94EF-8600898B93EE} O42 - Logiciel: CorelDRAW® Graphics Suite X5 - (.Corel Corporation.) [HKLM] -- _{CE54DCE1-E00A-4D91-ACB9-A2D916C24051} O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1 O42 - Logiciel: DVDFab 8.0.6.8 (05/01/2011) - (.Fengtao Software Inc..) [HKLM] -- DVDFab 8_is1 O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler O42 - Logiciel: Deluxe Pacman (1.70) - (.Pas de propriétaire.) [HKLM] -- Deluxe Pacman_is1 O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2} O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities O42 - Logiciel: FTP Expert 3 - (.Pas de propriétaire.) [HKLM] -- FTP Expert 3 O42 - Logiciel: GPL Ghostscript 8.64 - (.Pas de propriétaire.) [HKLM] -- GPL Ghostscript 8.64 O42 - Logiciel: GSview 4.9 - (.Pas de propriétaire.) [HKLM] -- GSview 4.9 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Hamster Free Video Convertor - (.Hamster Soft.) [HKLM] -- {7E350663-86D3-466A-AB79-28156A9ABF6E}_is1 O42 - Logiciel: HamsterFreeVideoConverter - (.HamsterSoft, Inc..) [HKLM] -- Hamster Free Video Converter_is1 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946040 O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946308 O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946344 O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB947540 O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB947789 O42 - Logiciel: Hotfix for Windows XP (KB915800-v4) - (.Microsoft Corporation.) [HKLM] -- KB915800-v4 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: Image Mender 1.22 - (.Phibit Software.) [HKLM] -- Image Mender O42 - Logiciel: Image Resize Guide 1.0.1 - (.Two Pilots.) [HKLM] -- Image Resize Guide_is1 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: JMicron JMB38X Flash Media Controller - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C} O42 - Logiciel: JPEGCrops 0.7.5 beta - (.Pas de propriétaire.) [HKLM] -- {DEAD07C6-D070-43AB-A60D-D9ABE55E296D}_is1 O42 - Logiciel: KeyChanger Office Edition - (.Keytech-Software.) [HKLM] -- KeyChanger Office Edition2.0 O42 - Logiciel: La cave du sommelier 2 - (.DP Software.) [HKLM] -- {8A37B952-0B30-477D-923D-15C19411F924}_is1 O42 - Logiciel: Launch Manager V1.4.9 - (.Wistron Corp..) [HKLM] -- {D0846526-66DD-4DC9-A02C-98F9A2806812} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST O42 - Logiciel: MaCave - (.Pas de propriétaire.) [HKCU] -- MACAVEExécutable O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: McAfee AntiVirus Plus - (.McAfee, Inc..) [HKLM] -- MSC O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft Kernel-Mode Driver Framework 1.0 - (.Microsoft Corporation.) [HKLM] -- Wdf01000 O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr) O42 - Logiciel: NoWires Plugin v1.5 - (.Pavel Dovgalyuk.) [HKLM] -- {BA119399-31E4-4FEE-9DC0-D0B1E1B7364A}_is1 O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693 O42 - Logiciel: Pdf995 - (.Pas de propriétaire.) [HKLM] -- Pdf995 O42 - Logiciel: Photomatix Pro version 3.2.2 - (.HDRsoft Sarl.) [HKLM] -- PhotomatixPro3Betax32_is1 O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Registry Healer 4.5.0 uninstall - (.KsL Software.) [HKLM] -- RegHealer_is2 O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97} O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472 O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: Services Off-line de Home'Bank 5.11 - (.ING Belgium.) [HKLM] -- Services Off-line de Home'Bank_is1 O42 - Logiciel: Sothink FLV Player - (.SourceTec Software Co., LTD.) [HKLM] -- {CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1 O42 - Logiciel: Sothink SWF Decompiler - (.SourceTec Software Co., LTD.) [HKLM] -- {BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1 O42 - Logiciel: Sothink SWF Quicker - (.SourceTec Software Co., LTD.) [HKLM] -- {D3490D20-3AE0-459D-AAD6-59195140EAC2}_is1 O42 - Logiciel: Sothink Web Video Downloader - (.SourceTec Software Co., LTD.) [HKLM] -- {8C52A46C-7961-4A81-AB4B-92CF65CB4772}_is1 O42 - Logiciel: Sudoku Up 2009 v3.0 - (.TreeCardGames.com.) [HKLM] -- Sudoku Up_is1 O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Total Commander (Remove or Repair) - (.Ghisler Software GmbH.) [HKLM] -- Totalcmd O42 - Logiciel: TweakNow PowerPack 2010 - (.TweakNow.com.) [HKLM] -- TweakNow PowerPack 2010_is1 O42 - Logiciel: UltraISO Premium V9.32 - (.Pas de propriétaire.) [HKLM] -- UltraISO_is1 O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1365864D-4C58-489D-9982-844D75691CCC} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553975) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{59D8F1FE-7B08-4F0E-840C-D1BF93D22A6C} O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 O42 - Logiciel: WDConver - (.Pas de propriétaire.) [HKCU] -- LOGICAVE II O42 - Logiciel: WinHTTrack Website Copier 3.43-9C - (.HTTrack.) [HKLM] -- WinHTTrack Website Copier_is1 O42 - Logiciel: WinRAR 4.00 (32 bits) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9 O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP O42 - Logiciel: XnView 1.97.6 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1 ---\\ HKCU & HKLM Software Keys [HKCU\Software\ASProtect] [HKCU\Software\ATI Technologies Inc.] [HKCU\Software\ATI] [HKCU\Software\Adobe Lightroom] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Aurigma] [HKCU\Software\BBL] [HKCU\Software\BEID] [HKCU\Software\Bitstream] [HKCU\Software\Bugsplat] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Corel] [HKCU\Software\DAMN] [HKCU\Software\DPSoftware] [HKCU\Software\DVD Shrink] [HKCU\Software\DVDFab] [HKCU\Software\Data Dynamics] [HKCU\Software\DivXNetworks] [HKCU\Software\EasyBoot Systems] [HKCU\Software\Eltima Software] [HKCU\Software\EmSoft] [HKCU\Software\Enigma Protector] [HKCU\Software\Etab Bazile] [HKCU\Software\Fedict] [HKCU\Software\Fujitsu] [HKCU\Software\GPL Ghostscript] [HKCU\Software\Ghisler] [HKCU\Software\Google] [HKCU\Software\Guillaume Lacasa] [HKCU\Software\Hamster] [HKCU\Software\HotkeyPanel] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Kolor] [HKCU\Software\KsL Software] [HKCU\Software\Lavasoft] [HKCU\Software\Licenses] [HKCU\Software\Loisirsoftware] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\McAfee] [HKCU\Software\MimarSinan] [HKCU\Software\MozillaPlugins] [HKCU\Software\MultimediaPhoto] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\New_World_software] [HKCU\Software\Nico Mak Computing] [HKCU\Software\Nitro PDF] [HKCU\Software\NoWires] [HKCU\Software\Nokia] [HKCU\Software\ODBC] [HKCU\Software\PC SOFT] [HKCU\Software\Pando Networks] [HKCU\Software\Phibit Software] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Protexis] [HKCU\Software\RayV] [HKCU\Software\Realtek] [HKCU\Software\Revenger inc.] [HKCU\Software\Reviversoft] [HKCU\Software\RocketDock] [HKCU\Software\Samsung PC Studio] [HKCU\Software\Samsung] [HKCU\Software\SolidDocuments] [HKCU\Software\SourceTec] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\TClock2] [HKCU\Software\Tracker Software] [HKCU\Software\Trolltech] [HKCU\Software\TweakNow PowerPack] [HKCU\Software\UberIcon-v1.0.0] [HKCU\Software\Ulead Systems] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\WinHTTrack Website Copier] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\WinZip Computing] [HKCU\Software\Wintertree] [HKCU\Software\XemiComputers] [HKCU\Software\XnView] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Zugo] [HKCU\Software\e] [HKCU\Software\iMacros] [HKLM\Software\ACR38PCSCInstaller] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\America Online] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Bitstream] [HKLM\Software\Borland] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\CAVEditLib] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Corel] [HKLM\Software\DAMN] [HKLM\Software\DPSoftware] [HKLM\Software\DVDFab] [HKLM\Software\DivXNetworks] [HKLM\Software\EasyBoot Systems] [HKLM\Software\EmSoft] [HKLM\Software\FSC] [HKLM\Software\Fedict] [HKLM\Software\GPL Ghostscript] [HKLM\Software\Gemplus] [HKLM\Software\Ghostgum] [HKLM\Software\Google] [HKLM\Software\HotkeyPanel] [HKLM\Software\Iconico] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel Corporation] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KeyChanger Office Edition2] [HKLM\Software\Kolor] [HKLM\Software\Launch Manager] [HKLM\Software\Lavasoft] [HKLM\Software\Liant Software Corporation] [HKLM\Software\Licenses] [HKLM\Software\MAT] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\McAfee.com] [HKLM\Software\McAfee] [HKLM\Software\Mediafour] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nalpeiron] [HKLM\Software\NeroDigital] [HKLM\Software\Nero] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Nitro PDF] [HKLM\Software\ODBC] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\PDF995] [HKLM\Software\Pando Networks] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Protexis] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Reviversoft] [HKLM\Software\Sage] [HKLM\Software\Samsung] [HKLM\Software\Schlumberger] [HKLM\Software\SourceTec] [HKLM\Software\Synaptics] [HKLM\Software\Toshiba] [HKLM\Software\Tracker Software] [HKLM\Software\TrendMicro] [HKLM\Software\Trolltech] [HKLM\Software\TweakNow PowerPack] [HKLM\Software\Two Pilots] [HKLM\Software\Ulead Systems] [HKLM\Software\VideoLAN] [HKLM\Software\Visicom Media] [HKLM\Software\WinASO] [HKLM\Software\WinHTTrack Website Copier] [HKLM\Software\WinRAR] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\XnView] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 11/03/2011 - 22:29:36 - [2211623690] ----D- C:\Program Files\Adobe O43 - CFD: 7/08/2009 - 21:36:56 - [2241762] ----D- C:\Program Files\Advanced DHTML Popup Pro V2 O43 - CFD: 24/01/2009 - 18:54:38 - [986508] ----D- C:\Program Files\Apex O43 - CFD: 18/07/2011 - 14:21:10 - [2428606] ----D- C:\Program Files\Apple Software Update O43 - CFD: 24/01/2009 - 12:15:28 - [108224356] ----D- C:\Program Files\ATI Technologies O43 - CFD: 30/08/2011 - 18:26:52 - [13949430] ----D- C:\Program Files\Belgium Identity Card O43 - CFD: 20/04/2011 - 8:33:28 - [491320] ----D- C:\Program Files\BitTorrent O43 - CFD: 4/02/2009 - 21:51:44 - [1673938] ----D- C:\Program Files\Capturino V2 O43 - CFD: 3/08/2010 - 8:27:28 - [1367471] ----D- C:\Program Files\Ciel O43 - CFD: 1/10/2010 - 18:53:26 - [432555] ----D- C:\Program Files\ColorPic 4.1 O43 - CFD: 25/06/2008 - 10:44:18 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 24/04/2010 - 21:01:42 - [2532179819] ----D- C:\Program Files\Corel O43 - CFD: 20/06/2009 - 20:30:18 - [184737] ----D- C:\Program Files\DAMN NFO Viewer O43 - CFD: 20/04/2011 - 19:59:34 - [4176624] ----D- C:\Program Files\Defraggler O43 - CFD: 8/08/2009 - 16:24:42 - [3590022] ----D- C:\Program Files\Deluxe Pacman O43 - CFD: 28/06/2010 - 21:52:10 - [800824] ----D- C:\Program Files\DIFX O43 - CFD: 1/03/2009 - 0:02:12 - [826141] ----D- C:\Program Files\DivX O43 - CFD: 28/01/2011 - 22:02:22 - [979856] ----D- C:\Program Files\DVD Shrink O43 - CFD: 29/01/2011 - 0:47:50 - [40698919] ----D- C:\Program Files\DVDFab 8 O43 - CFD: 18/12/2009 - 18:24:04 - [745259475] ----D- C:\Program Files\eMule O43 - CFD: 15/01/2010 - 20:05:32 - [0] ----D- C:\Program Files\EPSON O43 - CFD: 1/03/2011 - 19:44:44 - [1726353423] ----D- C:\Program Files\Fichiers communs O43 - CFD: 10/06/2009 - 21:11:12 - [3555935] ----D- C:\Program Files\Ghostgum O43 - CFD: 10/06/2009 - 21:05:58 - [22876732] ----D- C:\Program Files\gs O43 - CFD: 28/08/2011 - 14:20:08 - [57080457] ----D- C:\Program Files\Hamster Soft O43 - CFD: 24/12/2009 - 0:26:54 - [7255989] ----D- C:\Program Files\Image Mender O43 - CFD: 18/09/2009 - 21:37:34 - [7408938] ----D- C:\Program Files\Image Resize Guide O43 - CFD: 1/02/2009 - 19:01:26 - [39268220] ----D- C:\Program Files\ING O43 - CFD: 18/05/2011 - 19:27:04 - [26856809] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 15/06/2009 - 22:04:28 - [4094125] ----D- C:\Program Files\Intel Corporation O43 - CFD: 10/08/2011 - 21:04:16 - [6087272] ----D- C:\Program Files\Internet Explorer O43 - CFD: 9/07/2011 - 13:13:08 - [91938518] ----D- C:\Program Files\Java O43 - CFD: 17/08/2009 - 21:36:48 - [2608774] ----D- C:\Program Files\JPEGCrops O43 - CFD: 2/02/2010 - 23:48:50 - [415599] ----D- C:\Program Files\KeyChanger Office Edition O43 - CFD: 21/06/2009 - 20:59:16 - [38285535] ----D- C:\Program Files\Kolor O43 - CFD: 30/08/2011 - 18:18:58 - [55753617] ----D- C:\Program Files\La cave du sommelier 2 O43 - CFD: 27/01/2009 - 21:37:30 - [699097] ----D- C:\Program Files\Launch Manager O43 - CFD: 9/06/2011 - 17:55:16 - [39552019] ----D- C:\Program Files\Lavasoft O43 - CFD: 12/06/2011 - 21:01:20 - [32788430] ----D- C:\Program Files\Logicave II O43 - CFD: 30/08/2011 - 18:44:40 - [6953643] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 17/06/2011 - 18:47:22 - [3818669] ----D- C:\Program Files\Matthieu DUCROCQ O43 - CFD: 9/05/2010 - 18:14:00 - [232645437] ----D- C:\Program Files\McAfee O43 - CFD: 10/05/2010 - 17:43:56 - [2175257] ----D- C:\Program Files\McAfee.com O43 - CFD: 24/09/2009 - 22:12:02 - [74874326] ----D- C:\Program Files\Mediafour O43 - CFD: 24/01/2009 - 17:44:26 - [2152579] ----D- C:\Program Files\Messenger O43 - CFD: 28/10/2010 - 18:40:42 - [752723] ----D- C:\Program Files\Microsoft O43 - CFD: 19/05/2011 - 18:42:22 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 25/06/2008 - 10:45:04 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 30/06/2011 - 6:56:44 - [585358876] ----D- C:\Program Files\Microsoft Office O43 - CFD: 3/03/2010 - 20:04:34 - [246784] ----D- C:\Program Files\Microsoft SDKs O43 - CFD: 17/06/2011 - 13:38:06 - [38411899] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 28/01/2009 - 22:31:38 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 28/01/2009 - 22:28:26 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 3/03/2010 - 20:07:20 - [86607837] ----D- C:\Program Files\Microsoft Visual Studio 9.0 O43 - CFD: 23/04/2011 - 8:58:14 - [0] ----D- C:\Program Files\Microsoft Windows 7 Upgrade Advisor O43 - CFD: 1/05/2009 - 16:59:40 - [3726168] ----D- C:\Program Files\Microsoft Works O43 - CFD: 16/08/2010 - 14:11:16 - [8203663] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 12/08/2010 - 22:59:02 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 28/08/2011 - 19:01:16 - [32692538] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 28/01/2009 - 23:08:10 - [26521] ----D- C:\Program Files\MSBuild O43 - CFD: 24/01/2009 - 19:09:20 - [21471559] ----D- C:\Program Files\MSN O43 - CFD: 25/06/2008 - 10:45:10 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 26/01/2009 - 22:04:18 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 30/01/2011 - 14:05:14 - [639766283] ----D- C:\Program Files\Nero O43 - CFD: 24/01/2009 - 19:19:48 - [0] ----D- C:\Program Files\NeroInstall.bak O43 - CFD: 25/06/2008 - 10:45:12 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 18/01/2011 - 22:43:44 - [125604648] ----D- C:\Program Files\Nitro PDF O43 - CFD: 28/06/2010 - 21:52:14 - [1534] ----D- C:\Program Files\Nokia O43 - CFD: 11/03/2010 - 0:59:28 - [704526] ----D- C:\Program Files\NoWires Plugin O43 - CFD: 25/06/2008 - 10:47:16 - [1804] ----D- C:\Program Files\Online Services O43 - CFD: 16/12/2010 - 23:21:48 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 16/04/2011 - 23:38:10 - [7390817] ----D- C:\Program Files\Pando Networks O43 - CFD: 28/06/2010 - 21:52:04 - [13394442] ----D- C:\Program Files\PC Connectivity Solution O43 - CFD: 22/09/2009 - 22:45:20 - [13795016] ----D- C:\Program Files\pdf995 O43 - CFD: 18/09/2009 - 20:59:12 - [10624522] ----D- C:\Program Files\PhotomatixPro3 O43 - CFD: 28/02/2011 - 19:10:34 - [76322555] ----D- C:\Program Files\QuickTime O43 - CFD: 18/02/2010 - 23:32:26 - [13012823] ----D- C:\Program Files\RayV O43 - CFD: 28/01/2009 - 23:08:04 - [85987492] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 1/02/2009 - 18:57:48 - [1273083] ----D- C:\Program Files\RegHealer O43 - CFD: 29/03/2009 - 19:06:20 - [201283862] ----D- C:\Program Files\Samsung O43 - CFD: 25/06/2008 - 10:47:16 - [1025] ----D- C:\Program Files\Services en ligne O43 - CFD: 19/09/2010 - 0:16:00 - [61131941] ----D- C:\Program Files\SourceTec O43 - CFD: 24/04/2010 - 19:52:08 - [0] ----D- C:\Program Files\SpeedProject O43 - CFD: 9/10/2009 - 21:24:08 - [40051127] ----D- C:\Program Files\Sudoku Up O43 - CFD: 24/01/2009 - 12:48:04 - [33213011] ----D- C:\Program Files\Synaptics O43 - CFD: 24/01/2009 - 19:11:02 - [51830980] ----D- C:\Program Files\Toshiba O43 - CFD: 16/08/2009 - 22:45:28 - [7857400] ----D- C:\Program Files\totalcmd O43 - CFD: 16/10/2010 - 12:10:00 - [59684431] ----D- C:\Program Files\Tracker Software O43 - CFD: 31/08/2011 - 19:53:00 - [410314] ----D- C:\Program Files\Trend Micro O43 - CFD: 1/01/2011 - 15:09:58 - [26565543] ----D- C:\Program Files\TweakNow PowerPack 2010 O43 - CFD: 11/10/2009 - 21:21:16 - [3] ----D- C:\Program Files\TweakNow PowerPack Pro O43 - CFD: 18/09/2009 - 21:36:16 - [32256] ----D- C:\Program Files\Two Pilots O43 - CFD: 3/02/2009 - 1:36:36 - [6033675] ----D- C:\Program Files\UltraISO O43 - CFD: 1/01/2011 - 15:11:30 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 5/04/2009 - 20:47:02 - [74466874] ----D- C:\Program Files\VideoLAN O43 - CFD: 2/12/2009 - 22:13:12 - [8037977] ----D- C:\Program Files\Visicom Media O43 - CFD: 11/06/2009 - 23:12:16 - [5418300] ----D- C:\Program Files\Windows Desktop Search O43 - CFD: 20/01/2011 - 20:58:44 - [81920056] ----D- C:\Program Files\Windows Live O43 - CFD: 5/04/2009 - 21:05:48 - [245112] ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 28/01/2010 - 22:03:36 - [14346481] ----D- C:\Program Files\Windows Media Components O43 - CFD: 24/01/2009 - 17:42:52 - [3581070] ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD: 24/01/2009 - 17:42:52 - [8278281] ----D- C:\Program Files\Windows Media Player O43 - CFD: 25/06/2008 - 10:47:18 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 25/06/2008 - 10:47:20 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 17/09/2010 - 18:46:16 - [12849690] ----D- C:\Program Files\WinHTTrack O43 - CFD: 12/05/2011 - 20:31:22 - [738770532] ----D- C:\Program Files\WinRAR O43 - CFD: 22/05/2010 - 21:57:46 - [17402572] ----D- C:\Program Files\WinZip O43 - CFD: 7/10/2010 - 18:45:38 - [53760] ----D- C:\Program Files\Wondershare O43 - CFD: 4/02/2010 - 23:04:38 - [51760923] ----D- C:\Program Files\WordPerfect Mail Setup O43 - CFD: 18/09/2009 - 20:33:40 - [44032] ----D- C:\Program Files\XemiComputers O43 - CFD: 25/06/2008 - 10:47:20 - [0] ----D- C:\Program Files\xerox O43 - CFD: 13/08/2010 - 17:27:00 - [9407201] ----D- C:\Program Files\XnView O43 - CFD: 1/09/2011 - 18:44:22 - [4013882] ----D- C:\Program Files\ZHPDiag O43 - CFD: 11/03/2011 - 22:29:42 - [840028195] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 22/05/2010 - 9:38:22 - [32159844] ----D- C:\Program Files\Fichiers Communs\Adobe AIR O43 - CFD: 5/04/2010 - 14:28:16 - [54774793] ----D- C:\Program Files\Fichiers Communs\Apple O43 - CFD: 24/04/2010 - 20:57:24 - [6235983] ----D- C:\Program Files\Fichiers Communs\Corel O43 - CFD: 28/01/2009 - 22:31:36 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER O43 - CFD: 3/02/2009 - 1:35:34 - [262144] ----D- C:\Program Files\Fichiers Communs\EZB Systems O43 - CFD: 7/08/2009 - 21:36:56 - [19215972] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 1/03/2011 - 19:44:44 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 5/02/2009 - 0:41:00 - [655885] ----D- C:\Program Files\Fichiers Communs\Macrovision Shared O43 - CFD: 9/05/2010 - 18:13:36 - [26574076] ----D- C:\Program Files\Fichiers Communs\McAfee O43 - CFD: 11/11/2010 - 19:31:16 - [2368512] ----D- C:\Program Files\Fichiers Communs\Mediafour O43 - CFD: 28/10/2010 - 18:40:58 - [301151020] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 25/06/2008 - 10:44:54 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 30/01/2011 - 14:05:30 - [153452020] ----D- C:\Program Files\Fichiers Communs\Nero O43 - CFD: 18/01/2011 - 22:43:46 - [16539614] ----D- C:\Program Files\Fichiers Communs\Nitro PDF O43 - CFD: 25/06/2008 - 10:44:54 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 23/04/2010 - 20:30:28 - [3166048] ----D- C:\Program Files\Fichiers Communs\Protexis O43 - CFD: 24/12/2009 - 20:20:36 - [614400] ----D- C:\Program Files\Fichiers Communs\Sage O43 - CFD: 25/06/2008 - 10:44:54 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 19/09/2010 - 0:16:04 - [6593577] ----D- C:\Program Files\Fichiers Communs\SourceTec O43 - CFD: 25/06/2008 - 10:44:54 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 1/05/2009 - 16:58:28 - [41360630] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 24/04/2010 - 20:51:34 - [56216709] ----D- C:\Program Files\Fichiers Communs\Ulead Systems O43 - CFD: 5/04/2009 - 21:02:00 - [141128236] ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 24/01/2009 - 18:54:52 - [18424343] -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller O43 - CFD: 13/03/2011 - 16:21:28 - [73435590] ----D- C:\Documents and Settings\mvh\Application Data\Adobe O43 - CFD: 16/07/2009 - 14:54:00 - [2590] ----D- C:\Documents and Settings\mvh\Application Data\Apple Computer O43 - CFD: 24/01/2009 - 23:06:34 - [0] ----D- C:\Documents and Settings\mvh\Application Data\ATI O43 - CFD: 18/05/2011 - 19:29:24 - [8890] ----D- C:\Documents and Settings\mvh\Application Data\beid-cache O43 - CFD: 24/08/2011 - 21:12:00 - [3700789] ----D- C:\Documents and Settings\mvh\Application Data\BitTorrent O43 - CFD: 24/05/2010 - 22:11:04 - [8458] ----D- C:\Documents and Settings\mvh\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O43 - CFD: 28/04/2011 - 20:46:22 - [2560] ----D- C:\Documents and Settings\mvh\Application Data\Classes de site O43 - CFD: 24/04/2010 - 20:24:48 - [44891668] ----D- C:\Documents and Settings\mvh\Application Data\Corel O43 - CFD: 5/04/2009 - 20:48:30 - [0] ----D- C:\Documents and Settings\mvh\Application Data\DivX O43 - CFD: 12/09/2009 - 14:58:02 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Download Manager O43 - CFD: 18/01/2011 - 22:41:22 - [605446144] ----D- C:\Documents and Settings\mvh\Application Data\Downloaded Installations O43 - CFD: 29/07/2011 - 22:23:40 - [199] ----D- C:\Documents and Settings\mvh\Application Data\dvdcss O43 - CFD: 2/12/2009 - 22:15:22 - [109199] ----D- C:\Documents and Settings\mvh\Application Data\Dynamique O43 - CFD: 15/02/2010 - 0:29:08 - [1806797] ----D- C:\Documents and Settings\mvh\Application Data\e O43 - CFD: 14/01/2011 - 0:15:32 - [179] ----D- C:\Documents and Settings\mvh\Application Data\HamsterSoft O43 - CFD: 25/06/2008 - 10:43:08 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Identities O43 - CFD: 18/09/2009 - 21:36:40 - [932] ----D- C:\Documents and Settings\mvh\Application Data\ImageResizeGuide O43 - CFD: 27/01/2009 - 19:44:40 - [353953] ----D- C:\Documents and Settings\mvh\Application Data\Macromedia O43 - CFD: 30/08/2011 - 18:44:44 - [4490] ----D- C:\Documents and Settings\mvh\Application Data\Malwarebytes O43 - CFD: 9/07/2011 - 8:35:26 - [6477630] -S--D- C:\Documents and Settings\mvh\Application Data\Microsoft O43 - CFD: 6/06/2011 - 18:39:54 - [17979993] ----D- C:\Documents and Settings\mvh\Application Data\Mozilla O43 - CFD: 31/01/2011 - 19:25:08 - [2564760] ----D- C:\Documents and Settings\mvh\Application Data\Nero O43 - CFD: 23/04/2011 - 18:53:38 - [210906] ----D- C:\Documents and Settings\mvh\Application Data\Nitro PDF O43 - CFD: 22/09/2009 - 22:10:32 - [356] ----D- C:\Documents and Settings\mvh\Application Data\Office Genuine Advantage O43 - CFD: 28/06/2010 - 21:54:08 - [446] ----D- C:\Documents and Settings\mvh\Application Data\PC Suite O43 - CFD: 18/03/2009 - 23:06:28 - [28] ----D- C:\Documents and Settings\mvh\Application Data\pdf995 O43 - CFD: 14/05/2011 - 20:58:08 - [4215305] ----D- C:\Documents and Settings\mvh\Application Data\RayV O43 - CFD: 16/04/2011 - 21:44:26 - [1507395] ----D- C:\Documents and Settings\mvh\Application Data\Reviversoft O43 - CFD: 10/03/2009 - 22:49:50 - [21] ----D- C:\Documents and Settings\mvh\Application Data\Samsung O43 - CFD: 28/04/2011 - 20:46:22 - [581120] ----D- C:\Documents and Settings\mvh\Application Data\Sites O43 - CFD: 30/01/2009 - 19:42:00 - [80694482] ----D- C:\Documents and Settings\mvh\Application Data\Sun O43 - CFD: 9/10/2009 - 21:24:10 - [57722] ----D- C:\Documents and Settings\mvh\Application Data\TreeCardGames O43 - CFD: 11/10/2009 - 21:21:16 - [705] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack O43 - CFD: 24/04/2010 - 19:50:50 - [3669520] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack 2009 O43 - CFD: 24/04/2010 - 19:39:04 - [8192] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack 2010 O43 - CFD: 24/04/2010 - 21:02:40 - [53000] ----D- C:\Documents and Settings\mvh\Application Data\Ulead Systems O43 - CFD: 20/02/2010 - 11:07:02 - [230969] ----D- C:\Documents and Settings\mvh\Application Data\VitySoft O43 - CFD: 28/08/2011 - 14:35:06 - [476426] ----D- C:\Documents and Settings\mvh\Application Data\vlc O43 - CFD: 24/01/2009 - 23:06:30 - [196] ----D- C:\Documents and Settings\mvh\Application Data\Windows Desktop Search O43 - CFD: 3/07/2009 - 10:00:12 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Windows Search O43 - CFD: 1/05/2009 - 15:48:16 - [12] ----D- C:\Documents and Settings\mvh\Application Data\WinRAR O43 - CFD: 18/09/2009 - 20:33:50 - [3124278] ----D- C:\Documents and Settings\mvh\Application Data\XemiComputers O43 - CFD: 15/04/2011 - 20:23:34 - [115769] ----D- C:\Documents and Settings\mvh\Application Data\XnView O43 - CFD: 23/05/2010 - 20:47:48 - [35092985] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Adobe O43 - CFD: 19/04/2009 - 14:04:48 - [7078274] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Ahead O43 - CFD: 16/07/2009 - 14:51:52 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Apple O43 - CFD: 16/07/2009 - 14:51:02 - [96361370] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Apple Computer O43 - CFD: 29/07/2011 - 18:32:50 - [11848] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\ApplicationHistory O43 - CFD: 24/01/2009 - 23:06:34 - [40577] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\ATI O43 - CFD: 14/01/2011 - 23:56:20 - [146378] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Corel O43 - CFD: 28/08/2011 - 11:00:00 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Deployment O43 - CFD: 23/02/2010 - 22:22:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Emurasoft O43 - CFD: 26/09/2010 - 18:30:22 - [205220] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\GHISLER O43 - CFD: 1/06/2011 - 21:04:02 - [534488297] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Google O43 - CFD: 24/01/2009 - 23:06:32 - [229816] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Identities O43 - CFD: 13/03/2011 - 16:21:28 - [604778107] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft O43 - CFD: 20/02/2010 - 11:24:54 - [4447] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft Corporation O43 - CFD: 25/06/2008 - 10:43:08 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft Help O43 - CFD: 6/06/2011 - 18:39:38 - [301531226] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Mozilla O43 - CFD: 28/06/2010 - 22:00:40 - [637952] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Nokia O43 - CFD: 28/06/2010 - 21:56:16 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\NokiaAccount O43 - CFD: 24/04/2010 - 21:03:38 - [98304] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\NOS O43 - CFD: 16/04/2011 - 23:38:56 - [31114] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Pando O43 - CFD: 4/02/2010 - 23:57:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\PCHealth O43 - CFD: 25/06/2008 - 10:43:08 - [285696] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Seven Zip O43 - CFD: 15/12/2009 - 21:44:16 - [59183] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\SourceTec O43 - CFD: 4/08/2011 - 21:07:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Temp O43 - CFD: 17/06/2011 - 18:57:44 - [177] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\WDSetup O43 - CFD: 23/04/2011 - 9:05:04 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Yahoo! ~ Scan Program Folder in 00mn 04s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 1/09/2011 - 17:12:48 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.493625AD9FE14BECBEA24034A24A05CB] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.B099B38B0FEBD7E0E53787475DD2BFC7] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.9B9C37AE1B7B5E3E334F8D68267643E1] - 1/09/2011 - 17:15:08 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1828295] O44 - LFC:[MD5.D4B38373FC06C070AA7D6AC5E1232FC2] - 1/09/2011 - 17:31:32 ---A- . (...) -- C:\TDSSKiller.2.5.17.0_01.09.2011_18.23.49_log.txt [56134] O44 - LFC:[MD5.09DA793B0CC13C79FB661D5FE871D6D7] - 1/09/2011 - 17:38:50 ---A- . (...) -- C:\WINDOWS\setupapi.log [990854] O44 - LFC:[MD5.8DE02308B7ECF3D1A5E4D55B6F3FE87C] - 1/09/2011 - 17:43:00 ---A- . (...) -- C:\WINDOWS\wincmd.ini [4658] O44 - LFC:[MD5.A4BB36C94A6F6F780D6D1C10F6B96E5E] - 1/09/2011 - 6:37:03 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32088] O44 - LFC:[MD5.55328E4D5D0A45D78F7CF071F490405C] - 28/08/2011 - 9:39:59 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [1158] O44 - LFC:[MD5.CAF61893287EC7417CA4D2D1B8FA1252] - 28/08/2011 - 9:49:35 ---A- . (...) -- C:\WINDOWS\msmqinst.log [480550] O44 - LFC:[MD5.CCA99A05B4B5D78BB54E7F327B1389FA] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1492862] O44 - LFC:[MD5.F14E07133B141EF16653A152D0C63770] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\KB2562937.log [12419] O44 - LFC:[MD5.E7B491F7B7F5AD245138E47121B62BB2] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [104212] O44 - LFC:[MD5.C712C8E03EEFDE8FFA7D5770965DE3F9] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\comsetup.log [511643] O44 - LFC:[MD5.79F9B1B2D64242515616C5E81E4B15A4] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\iis6.log [1714486] O44 - LFC:[MD5.B545F3BD1154D2ACBCDC697A540EDCB0] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\imsins.log [1374] O44 - LFC:[MD5.EB11DAC8BBE4BF2022BBBECFF69904FC] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\msgsocm.log [75500] O44 - LFC:[MD5.A19CEE3B286D84EC2F3B33BF630F764A] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\netfxocm.log [262700] O44 - LFC:[MD5.04A8EBEF1FE5AE6FE26C450E7E6FC276] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [310103] O44 - LFC:[MD5.6A6984B80F6F7EA35950C06FB4865A97] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ocgen.log [741780] O44 - LFC:[MD5.6506C080F1C986F2D2A5D745D7DFE7F4] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ocmsn.log [83367] O44 - LFC:[MD5.2F897C74E10567D604077E638247564F] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\tabletoc.log [75574] O44 - LFC:[MD5.F3D50B06D30DD19F86E84EFA316C584E] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\tsoc.log [695496] O44 - LFC:[MD5.F1C8125909F79AC37F1DCBE518113F1D] - 30/08/2011 - 20:05:42 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [366994] O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 30/08/2011 - 17:44:39 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272] O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 30/08/2011 - 17:44:34 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O44 - LFC:[MD5.A8E0AB52299BC87F1EB080E2A3FC9BBE] - 30/08/2011 - 17:25:54 ---A- . (.The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS - OpenSSL Shared Library.) -- C:\WINDOWS\system32\ssleay32_0_9_8g.dll [200704] O44 - LFC:[MD5.4A472B9676039C11A2A8DB93FD59B2CF] - 30/08/2011 - 17:25:32 ---A- . (.The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS - OpenSSL Shared Library.) -- C:\WINDOWS\system32\libeay32_0_9_8g.dll [1044480] O44 - LFC:[MD5.B412A5393E9BF796D97B12E0BDD1E12A] - 28/08/2011 - 13:23:57 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [404640] O44 - LFC:[MD5.8252837BEDD4BDCA6C6F3EB53A716EB6] - 27/08/2011 - 13:29:36 ---A- . (...) -- C:\WINDOWS\KB2570791.log [3730] O44 - LFC:[MD5.0D01E3A81F22ED04F96D72A1D3F3E559] - 27/08/2011 - 13:29:36 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [235670] O44 - LFC:[MD5.CB17A47D090938A02DACB066D6D5A124] - 25/08/2011 - 16:58:10 ---A- . (...) -- C:\WINDOWS\system32\rp_rules.dat [44] O44 - LFC:[MD5.8A3D5B46FF8C9CED46304F1EBB5F9AFE] - 25/08/2011 - 16:58:10 ---A- . (...) -- C:\WINDOWS\system32\rp_stats.dat [64] O44 - LFC:[MD5.29112307112535F9CE13D924B00994E6] - 10/08/2011 - 20:09:11 ---A- . (...) -- C:\WINDOWS\KB2567680.log [15639] O44 - LFC:[MD5.9A465F3F504A35BECD25CAF07F73CF05] - 10/08/2011 - 20:09:11 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374] O44 - LFC:[MD5.395476DBD0CD22A30CAF8A362897E860] - 10/08/2011 - 20:09:10 ---A- . (...) -- C:\WINDOWS\updspapi.log [185275] O44 - LFC:[MD5.70718448639322BC2ACE5A42B0A46FC4] - 10/08/2011 - 20:08:33 ---A- . (...) -- C:\WINDOWS\KB2536276-v2.log [11055] O44 - LFC:[MD5.D957CCDC044932A3993E89D02BF627A6] - 10/08/2011 - 20:07:50 ---A- . (...) -- C:\WINDOWS\KB2570222.log [10922] O44 - LFC:[MD5.7106FD5F0A7BFEF64EA395DC93C6CC81] - 10/08/2011 - 20:04:24 ---A- . (...) -- C:\WINDOWS\KB2559049-IE8.log [14906] O44 - LFC:[MD5.BDB7D76531D5BC9E05EACD04ED28813E] - 10/08/2011 - 20:03:56 ---A- . (...) -- C:\WINDOWS\KB2566454.log [6931] ~ Scan Files in 00mn 00s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "D:\Rmcob700\RUNCOBOL.EXE" [Enabled] .(.Liant Software Corporation - RM/COBOL Runtime Executable.) -- D:\Rmcob700\RUNCOBOL.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [Enabled] .(.Adobe Systems Incorporated.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe" [Enabled] .(...) -- C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\RayV\RayV\RayV.exe" [Enabled] .(.RayV - RayV.) -- C:\Program Files\RayV\RayV\RayV.exe O47 - AAKE:Key Export SP - "C:\Program Files\RayV\RayV\RayV.dll" [Enabled] .(.RayV - RayV Viewer SDK.) -- C:\Program Files\RayV\RayV\RayV.dll O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\bittorrent.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O47 - AAKE:Key Export SP - "C:\Program Files\Pando Networks\Pando\Pando.exe" [Enabled] .(.Pando Networks - pando.) -- C:\Program Files\Pando Networks\Pando\Pando.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe" [Enabled] .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\WINDOWS\system32\Drivers\mfefirek.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\WINDOWS\system32\Drivers\mfehidk.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) ~ Scan CSB in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll O52 - TDSD: \Drivers32\"msacm.dvacm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm" . (...) -- (.not file.) O52 - TDSD: \Drivers32\"msacm.MPEGacm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm" . (...) -- (.not file.) O52 - TDSD: \Drivers32\"msacm.ulmp3acm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.8.5 Codec" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm"="Ulead ACM MP3 Codec" . (...) -- (.not file.) ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.B6A0F723A54884E77FCE0F69083F90C9] - 1/09/2011 - 17:06:53 ---A- . (.Advanced Card Systems Ltd - PCSC/CCID IFD Handler.) -- C:\WINDOWS\system32\drivers\a38usb.sys [33536] O58 - SDL:[MD5.73685E15EF8B0BD9C30F1AF413F13D49] - 1/09/2011 - 8:40:13 ---A- . (.Adobe Systems, Inc. - Adobe Drive File System Driver.) -- C:\WINDOWS\system32\drivers\adfs.sys [73312] O58 - SDL:[MD5.1140AB9938809700B46BB88E46D72A96] - 1/09/2011 - 20:51:56 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\system32\drivers\aliide.sys [5248] O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 1/09/2011 - 10:36:40 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\AMDAGP.SYS [43008] O58 - SDL:[MD5.62D318E9A0C8FC9B780008E724283707] - 1/09/2011 - 20:52:00 ---A- . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\system32\drivers\asc.sys [26496] O58 - SDL:[MD5.5D8DE112AA0254B907861E9E9C31D597] - 1/09/2011 - 20:51:58 ---A- . (.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) -- C:\WINDOWS\system32\drivers\asc3550.sys [14848] O58 - SDL:[MD5.A4D1C3CD20C8C595AF1817BB5352ECD6] - 1/09/2011 - 18:09:38 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [2870784] O58 - SDL:[MD5.93C568904E116607DF2389907A9D8899] - 1/09/2011 - 11:15:52 ---A- . (.EldoS Corporation - CallbackDisk Virtual Storage Driver.) -- C:\WINDOWS\system32\drivers\CBDisk.sys [57800] O58 - SDL:[MD5.ECAF4A51580244FEF1AA32CB984F13BF] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\WINDOWS\system32\drivers\cfwids.sys [57432] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 1/09/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.E3726AD522D0BDAE090671048C991AB3] - 1/09/2011 - 16:04:44 ---A- . (.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) -- C:\WINDOWS\system32\drivers\cmdide.sys [6656] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 1/09/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.E550E7418984B65A78299D248F0A7F36] - 1/09/2011 - 20:52:16 ---A- . (.Mylex Corporation - Mylex Disk Array Controller Driver.) -- C:\WINDOWS\system32\drivers\dac2w2k.sys [179584] O58 - SDL:[MD5.E9648254056BCE81A85380C0C3647DC4] - 1/09/2011 - 21:13:08 ---A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\fetnd5.sys [27165] O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 1/09/2011 - 13:00:00 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384] O58 - SDL:[MD5.8B566EA71D5B76157A9CDB78F25A5731] - 1/09/2011 - 11:27:06 ---A- . (...) -- C:\WINDOWS\system32\drivers\HOTKEY.sys [9867] O58 - SDL:[MD5.80C633722DA72E97F3F5B3B11325696D] - 1/09/2011 - 5:57:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\WINDOWS\system32\drivers\iaStor.sys [317976] O58 - SDL:[MD5.E20B6650542D70ABD21281F08FB723D2] - 1/09/2011 - 7:37:46 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys [11304] O58 - SDL:[MD5.729055DF132A6ECF071E383F72F1B0C9] - 1/09/2011 - 7:37:56 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys [132904] O58 - SDL:[MD5.DEDB6CC1B166928A8F3F68DEF1766DB0] - 1/09/2011 - 17:55:04 ---A- . (.JMicron Technology Corp. - JMicron JMB38X Memory Card Reader Driver.) -- C:\WINDOWS\system32\drivers\jmcr.sys [84240] O58 - SDL:[MD5.336ABE8721CBC3110F1C6426DA633417] - 1/09/2011 - 1:00:36 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\WINDOWS\system32\drivers\Lbd.sys [64512] O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 1/09/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 1/09/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272] O58 - SDL:[MD5.958B893EB11586B4ED1301BA067ABC94] - 1/09/2011 - 15:36:04 ---A- . (.Mediafour Corporation - MacDrive file system driver.) -- C:\WINDOWS\system32\drivers\MDFSYSNT.SYS [234160] O58 - SDL:[MD5.9F06CA581CCE21FC72A946487AA243E9] - 1/09/2011 - 14:51:34 ---A- . (.Mediafour Corporation - MacDrive partition driver.) -- C:\WINDOWS\system32\drivers\MDPMGRNT.SYS [29792] O58 - SDL:[MD5.688B626FCA708EE9EB161CAD1F7363A9] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\WINDOWS\system32\drivers\mfeapfk.sys [118784] O58 - SDL:[MD5.693A8D924B640223974E0A88F2BAF0F4] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys [179248] O58 - SDL:[MD5.52C40D19873528BD15823C969D3AD227] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - Buffer Overflow Protection Driver.) -- C:\WINDOWS\system32\drivers\mfebopk.sys [59288] O58 - SDL:[MD5.BF1585AEFCE50605B7F359C1A66CDE41] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\WINDOWS\system32\drivers\mfeclnk.sys [9344] O58 - SDL:[MD5.E37B98D49DF546F4059483D49E349A53] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\WINDOWS\system32\drivers\mfefirek.sys [337912] O58 - SDL:[MD5.44184F32392FA2E94D08D056CE750D56] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- C:\WINDOWS\system32\drivers\mfehidk.sys [459728] O58 - SDL:[MD5.8C434D77C7A8CD97F8F4C2B0BE19D541] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee NDIS Intermediate Driver.) -- C:\WINDOWS\system32\drivers\mfendisk.sys [83688] O58 - SDL:[MD5.5F5313BFD1E73233885A26AB77488F6F] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\WINDOWS\system32\drivers\mferkdet.sys [85984] O58 - SDL:[MD5.41FE2F288E05A6C8AB85DD56770FFBAD] - 1/09/2011 - 9:22:14 ---A- . (.McAfee, Inc. - VSCore Code Analysis Driver.) -- C:\WINDOWS\system32\drivers\mferkdk.sys [34248] O58 - SDL:[MD5.8D1A44E1F46BCF4ACFE9C701EDD340E3] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys [89368] O58 - SDL:[MD5.3F4BB95E5A44F3BE34824E8E7CAF0737] - 1/09/2011 - 20:52:12 ---A- . (.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows Whistler 32.) -- C:\WINDOWS\system32\drivers\mraid35x.sys [17280] O58 - SDL:[MD5.05743FFFC2BC88CC8E426321BC6A762E] - 1/09/2011 - 7:23:16 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\system32\drivers\NETw5x32.sys [3636864] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 1/09/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 1/09/2011 - 9:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [18816] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 1/09/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.0A63FB54039EB5662433CABA3B26DBA7] - 1/09/2011 - 20:52:20 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1080.sys [40320] O58 - SDL:[MD5.156ED0EF20C15114CA097A34A30D8A01] - 1/09/2011 - 20:52:20 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql12160.sys [45312] O58 - SDL:[MD5.907F0AEEA6BC451011611E732BD31FCF] - 1/09/2011 - 20:52:18 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1280.sys [49024] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 1/09/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 1/09/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.C6D34A1874CD2B212DC3E788091C64B4] - 1/09/2011 - 2:13:10 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [234392] O58 - SDL:[MD5.1824C4894AA438CD06C976E44B9E7353] - 1/09/2011 - 18:37:26 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [4713472] O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 1/09/2011 - 10:34:34 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys [166912] O58 - SDL:[MD5.0505DA5D357F18A5D42FC5DEDE6BC9A0] - 1/09/2011 - 17:03:22 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\WINDOWS\system32\drivers\SBREDrv.sys [101720] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 1/09/2011 - 13:00:00 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 1/09/2011 - 10:36:40 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\SISAGP.SYS [40960] O58 - SDL:[MD5.83C0F71F86D3BDAF915685F3D568B20E] - 1/09/2011 - 21:07:44 ---A- . (.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) -- C:\WINDOWS\system32\drivers\sparrow.sys [19072] O58 - SDL:[MD5.D6870895FE46A464A19141440EB6CC1E] - 1/09/2011 - 16:54:24 ---A- . (.MCCI Corporation - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys [80552] O58 - SDL:[MD5.38BA174E60FDA4219EFC917D514C2E28] - 1/09/2011 - 16:56:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys [9256] O58 - SDL:[MD5.38BA174E60FDA4219EFC917D514C2E28] - 1/09/2011 - 16:56:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys [9256] O58 - SDL:[MD5.0FE167362E4689B716CDC8D93ADEDDA8] - 1/09/2011 - 16:57:24 ---A- . (.MCCI Corporation - SAMSUNG Mobile Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys [11944] O58 - SDL:[MD5.55A15707E32B6709242AD127E62CA55A] - 1/09/2011 - 16:58:20 ---A- . (.MCCI Corporation - SAMSUNG Mobile Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys [106792] O58 - SDL:[MD5.F85B5BA4753C3E6B2B5BFCA410A458A4] - 1/09/2011 - 17:00:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys [9256] O58 - SDL:[MD5.F85B5BA4753C3E6B2B5BFCA410A458A4] - 1/09/2011 - 17:00:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys [9256] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 1/09/2011 - 21:42:40 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.1FF3217614018630D0A6758630FC698C] - 1/09/2011 - 21:07:34 ---A- . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc810.sys [16256] O58 - SDL:[MD5.070E001D95CF725186EF8B20335F933C] - 1/09/2011 - 21:07:36 ---A- . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc8xx.sys [32640] O58 - SDL:[MD5.80AC1C4ABBE2DF3B738BF15517A51F2C] - 1/09/2011 - 21:07:40 ---A- . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_hi.sys [28384] O58 - SDL:[MD5.BF4FAB949A382A8E105F46EBB4937058] - 1/09/2011 - 21:07:42 ---A- . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_u3.sys [30688] O58 - SDL:[MD5.86692A9116559222BD2D62633DDC352D] - 1/09/2011 - 19:04:12 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys [225056] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 1/09/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.1B698A51CD528D8DA4FFAED66DFC51B9] - 1/09/2011 - 20:52:22 ---A- . (.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) -- C:\WINDOWS\system32\drivers\ultra.sys [36736] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 1/09/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.0CE285E2D9C50E7EE9F478F081A25FB6] - 1/09/2011 - 22:17:03 RSH-- . (...) -- C:\WINDOWS\system32\7ADDAFAA03.sys [88] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.0641A46F1E58529A42EAD4573A3A0861] - 1/09/2011 - 22:45:46 RSH-- . (...) -- C:\WINDOWS\system32\D881958BB3.sys [8] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.274DF1C009AE82DAC84C01CBCFD795F6] - 1/09/2011 - 22:17:07 -SHA- . (...) -- C:\WINDOWS\system32\KGyGaAvL.sys [5172] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] ~ Scan Drivers in 00mn 01s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\aliide.sys - No object(No service) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\amdagp.sys - No object(No service) .(.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) - LEGACY_AMDAGP O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\asc.sys - No object(No service) .(.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) - LEGACY_ASC O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\asc3550.sys - No object(No service) .(.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) - LEGACY_ASC3550 O64 - Services: CurCS - 13/01/2010 - C:\WINDOWS\system32\drivers\CBDisk.sys - CBDisk(CBDisk) .(.EldoS Corporation - CallbackDisk Virtual Storage Driver.) - LEGACY_CBDISK O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\cfwids.sys - McAfee Inc. cfwids(cfwids) .(.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) - LEGACY_CFWIDS O64 - Services: CurCS - 23/08/2001 - C:\WINDOWS\system32\DRIVERS\cmdide.sys - No object(No service) .(.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) - LEGACY_CMDIDE O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\dac2w2k.sys - No object(No service) .(.Mylex Corporation - Mylex Disk Array Controller Driver.) - LEGACY_DAC2W2K O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 3/04/2005 - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - 24/05/2008 - C:\Program Files\UltraISO\drivers\ISODrive.sys - ISO DVD/CD-ROM Device Driver(ISODrive) .(.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - LEGACY_ISODRIVE O64 - Services: CurCS - 4/05/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - 25/05/2011 - C:\WINDOWS\system32\DRIVERS\Lbd.sys - Lbd(Lbd) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD O64 - Services: CurCS - 8/10/2010 - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe - MacDrive 8 service(MacDrive8Service) .(.Mediafour Corporation - MacDrive service.) - LEGACY_MACDRIVE8SERVICE O64 - Services: CurCS - 6/07/2011 - C:\WINDOWS\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 6/07/2011 - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - MBAMService(MBAMService) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSERVICE O64 - Services: CurCS - 27/01/2011 - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe - McAfee Personal Firewall(McMPFSvc) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCMPFSVC O64 - Services: CurCS - 27/01/2011 - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee Services(mcmscsvc) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCMSCSVC O64 - Services: CurCS - 27/01/2011 - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee VirusScan Announcer(McNaiAnn) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCNAIANN O64 - Services: CurCS - 27/01/2011 - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee Network Agent(McNASvc) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCNASVC O64 - Services: CurCS - 17/03/2011 - C:\Program Files\McAfee\VirusScan\mcods.exe - McAfee Scanner(McODS) .(.McAfee, Inc. - McAfee VirusScan On-Demand Scan.) - LEGACY_MCODS O64 - Services: CurCS - 27/01/2011 - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee Proxy Service(McProxy) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCPROXY O64 - Services: CurCS - 13/03/2011 - C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe - McAfee Real-time Scanner(McShield) .(.McAfee, Inc. - McAfee On-Access Scanner service.) - LEGACY_MCSHIELD O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfeapfk.sys - McAfee Inc. mfeapfk(mfeapfk) .(.McAfee, Inc. - Access Protection Filter Driver.) - LEGACY_MFEAPFK O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfeavfk.sys - McAfee Inc. mfeavfk(mfeavfk) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfebopk.sys - McAfee Inc. mfebopk(mfebopk) .(.McAfee, Inc. - Buffer Overflow Protection Driver.) - LEGACY_MFEBOPK O64 - Services: CurCS - 13/03/2011 - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe - McAfee Firewall Core Service(mfefire) .(.McAfee, Inc. - McAfee Core Firewall Service.) - LEGACY_MFEFIRE O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfefirek.sys - McAfee Inc. mfefirek(mfefirek) .(.McAfee, Inc. - McAfee Core Firewall Engine Driver.) - LEGACY_MFEFIREK O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfehidk.sys - McAfee Inc. mfehidk(mfehidk) .(.McAfee, Inc. - McAfee Link Driver.) - LEGACY_MFEHIDK O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mferkdet.sys - McAfee Inc. mferkdet(mferkdet) .(.McAfee, Inc. - McAfee Code Analysis Driver.) - LEGACY_MFERKDET O64 - Services: CurCS - 16/09/2009 - C:\WINDOWS\system32\drivers\mferkdk.sys - McAfee Inc. mferkdk(mferkdk) .(.McAfee, Inc. - VSCore Code Analysis Driver.) - LEGACY_MFERKDK O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfetdi2k.sys - McAfee Inc. mfetdi2k(mfetdi2k) .(.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - LEGACY_MFETDI2K O64 - Services: CurCS - 13/03/2011 - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe - McAfee Validation Trust Protection Service(mfevtp) .(.McAfee, Inc. - McAfee Process Validation Service.) - LEGACY_MFEVTP O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\mraid35x.sys - No object(No service) .(.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X O64 - Services: CurCS - 12/01/2011 - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe - NitroPDFDriverCreatorReadSpool(NitroDriverReadSpool) .(.Nitro PDF Software - Solid Spool Service.) - LEGACY_NITRODRIVERREADSPOOL O64 - Services: CurCS - 12/01/2011 - C:\WINDOWS\system32\NLSSRV32.exe - NLS Service(nlsX86cc) .(.Nalpeiron Ltd. - This service enables products that use the.) - LEGACY_NLSX86CC O64 - Services: CurCS - 12/12/2008 - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe - NMIndexingService(NMIndexingService) .(.Nero AG - Nero Home.) - LEGACY_NMINDEXINGSERVICE O64 - Services: CurCS - 2/11/2006 - C:\WINDOWS\system32\PSIService.exe - ProtexisLicensing(ProtexisLicensing) .(.Pas de propriétaire - nTitles PSIService.) - LEGACY_PROTEXISLICENSING O64 - Services: CurCS - 10/03/2010 - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe - Protexis Licensing V2(PSI_SVC_2) .(.Protexis Inc. - PsiService PsiService.) - LEGACY_PSI_SVC_2 O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\ql1080.sys - No object(No service) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1080 O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\ql12160.sys - No object(No service) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL12160 O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\ql1280.sys - No object(No service) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1280 O64 - Services: CurCS - 14/06/2010 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\sisagp.sys - No object(No service) .(.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) - LEGACY_SISAGP O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\sparrow.sys - No object(No service) .(.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) - LEGACY_SPARROW O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\symc810.sys - No object(No service) .(.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) - LEGACY_SYMC810 O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\symc8xx.sys - No object(No service) .(.LSI Logic - Symbios 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\sym_hi.sys - No object(No service) .(.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\sym_u3.sys - No object(No service) .(.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) - LEGACY_SYM_U3 O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\ultra.sys - No object(No service) .(.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) - LEGACY_ULTRA O64 - Services: CurCS - 17/11/2006 - C:\Program Files\Launch Manager\WisLMSvc.exe - WisLMSvc(WisLMSvc) .(.Wistron Corp. - Pas de description.) - LEGACY_WISLMSVC ~ Scan Services in 00mn 04s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS4.) -- C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {51A5A868-ADD7-A89B-8D44-D2809384E318} - (Yahoo!) - Hamstersoft Search Start O69 - SBI: SearchScopes [HKCU] {7864BF3E-AFB2-4DD0-AB9A-BCB4D301BCEF} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {EF3CAA28-3552-495e-B4A1-3A9B039BC803} - (ASK Jeeves) - http://adsearches.net ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.25A8C32B4D09C742FE642E12EA2C76BD] [sPRF][1/10/2010] (...) -- C:\Documents and Settings\mvh\Bureau\colorschemer-colorpix_colorpix_1.2_anglais_122530.exe [619520] [MD5.DD42FC432475349D5C3DFAC08ED2F173] [sPRF][22/08/2011] (.Kaspersky Lab ZAO - TDSS rootkit removing tool.) -- C:\Documents and Settings\mvh\Bureau\TDSSKiller.exe [1406768] [MD5.5CAAFF20C5695611F08ABD954E58DEA2] [sPRF][1/09/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\mvh\Bureau\ZHPDiag2.exe [2582227] [MD5.AFEC9A861842FBD97CC26ED1B83132DB] [sPRF][27/09/2006] (.Macrovision Corporation - Macrovision FLEXnet Connect Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576] [MD5.79CEC7DFDEE7B0E0F4BADA3E0FA2758C] [sPRF][27/09/2006] (.Macrovision Corporation - Macrovision FLEXnet Connect Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [200704] [MD5.29CFE9ED23C55E55838A789EB1182A9B] [sPRF][4/10/2008] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1887080] [MD5.3EB086EDD17244A4199A6C7419864CD3] [sPRF][27/09/2006] (.Macrovision Corporation - Macrovision FLEXnet Connect Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [479232] [MD5.455CA248A92816766FAD91B5CE258773] [sPRF][20/05/2009] (.Akamai Technologies, Inc. - Download Manager ActiveX Control.) -- C:\WINDOWS\Downloaded Program Files\Manager.exe [689536] ~ Scan Files in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : 8618 - (29/08/2011) Clés trouvées (Keys found) : 4 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar [HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}] =>PUP.BearShare [HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}] =>PUP.BearShare [HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}] =>PUP.BearShare ~ Scan Additionnel in 00mn 08s ---\\ Recherche détournement de DNS routeur (O89) Serveur : UnKnown Address: 192.168.2.1 Nom : www.l.google.com Addresses: 74.125.39.106, 74.125.39.99, 74.125.39.105, 74.125.39.104 74.125.39.147, 74.125.39.103 Aliases: www.google.fr, www.google.com ~ Scan DNS in 00mn 03s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 1/09/2011 532480 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe SS - | Demand 1/09/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Auto 1/09/2011 225280 | (eID CRL Service) . (. Zetes.) - C:\WINDOWS\system32\beidservicecrl.exe SR - | Auto 1/09/2011 331776 | (eID Privacy Service) . (.Zetes.) - C:\WINDOWS\system32\beidservicepcsc.exe SS - | Demand 1/09/2011 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Demand 1/09/2011 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe SR - | Auto 1/09/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe SS - | Demand 1/09/2011 2151640 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe SR - | Auto 1/09/2011 131584 | (MacDrive8Service) . (.Mediafour Corporation.) - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe SR - | Auto 1/09/2011 366640 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Auto 1/09/2011 214904 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe SR - | Auto 1/09/2011 214904 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe SR - | Auto 1/09/2011 214904 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe SR - | Auto 1/09/2011 214904 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe SS - | Demand 1/09/2011 361712 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe SR - | Auto 1/09/2011 214904 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe SS - | Auto 1/09/2011 165000 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe SS - | Auto 1/09/2011 159832 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe SS - | Auto 1/09/2011 148520 | (mfevtp) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe SR - | Auto 1/09/2011 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe SR - | Auto 1/09/2011 196928 | (NitroDriverReadSpool) . (.Nitro PDF Software.) - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe SR - | Auto 1/09/2011 68928 | (nlsX86cc) . (.Nalpeiron Ltd..) - C:\WINDOWS\system32\NLSSRV32.exe SR - | Demand 1/09/2011 537896 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe SR - | Auto 1/09/2011 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\WINDOWS\system32\IoctlSvc.exe SR - | Auto 174656 | (ProtexisLicensing) . (...) - C:\WINDOWS\system32\PSIService.exe SR - | Auto 1/09/2011 189728 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe SS - | Demand 1/09/2011 615936 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe SR - | Auto 1/09/2011 128360 | (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe SR - | Demand 1/09/2011 118784 | (WisLMSvc) . (.Wistron Corp..) - C:\Program Files\Launch Manager\WisLMSvc.exe ~ Scan Services in 00mn 03s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by mvh at 1/09/2011 18:44:51 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll C:\WINDOWS\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver 1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8A772678] 3 CLASSPNP[0xBA0F8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IAAStorageDevice-1[0x8ACC9028] kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 06s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by mvh at 1/09/2011 18:44:53 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 08s End of the scan (1499 lines in 00mn 34s)(0)

J'obtiens une alerte "indice de liste hors limites" avec ZHPDiag Voici la fenêtre jusqu'au blocage du soft: Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011 Run by mvh at 1/09/2011 18:39:48 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 (Defaut) MFIE: Mozilla Firefox 4.0.1 v4.0.1 ---\\ Windows Product Information Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ System Information ~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3066 MB (71% free) System Restore: Activé (Enable) System drive C: has 5 GB (10%) free of 49 GB ---\\ Logged in mode ~ Computer Name: POR-MVH ~ User Name: mvh ~ All Users Names: SUPPORT_388945a0, mvh, mcu, HelpAssistant, ASPNET, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Documents and Settings\mvh\Application Data\ ~ %Desktop% : C:\Documents and Settings\mvh\Bureau\ ~ %Favorites% : C:\Documents and Settings\mvh\Favoris\ ~ %LocalAppData% : C:\Documents and Settings\mvh\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\mvh\Menu Démarrer\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 49 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 56 Go of 249 Go) E:\ CD-ROM drive (Not Inserted) Z:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.1/09/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.1/09/2011 - 10:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 9/553 ~ Mes musiques (My Musics) : 1/2 ~ Mes Videos (My Videos) : 2/22 ~ Mes Favoris (My Favorites) : 3/414 ~ Mes Documents (My Documents) : 52/3964 ~ Mon Bureau (My Desktop) : 1/120 ~ Menu demarrer (Programs) : 5/92 ~ Scan Hidden Files in 00mn 00s ---\\ Processus lancés [MD5.AB6A44C8A3C64AC89567784145910F49] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [532480] [PID.] [MD5.2CCCD74F69473B60CB904DC466077AC0] - (.Zetes - Belgium Identity Card Service.) -- C:\WINDOWS\system32\beidservicepcsc.exe [331776] [PID.] [MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.] [MD5.0EA695F38FD27DBE53F3D88C3A0F88DC] - (.Mediafour Corporation - MacDrive service.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [131584] [PID.] [MD5.37036C07983EF1024B2FF3C28AAE5700] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [366640] [PID.] [MD5.7E6932EEDA54C8EAF7DC6C2225261B85] - (.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe [214904] [PID.] [MD5.6991A9EA5E74E6035B8DAB17A7572CF3] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe [148520] [PID.] [MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.] [MD5.F1519E42A9CBAC4638CF6C1BFBBD367E] - (.Nitro PDF Software - Solid Spool Service.) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [196928] [PID.] [MD5.1E38790BDEA07472C4B16ADD469E9912] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\WINDOWS\system32\NLSSRV32.EXE [68928] [PID.] [MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\WINDOWS\system32\IoctlSvc.exe [81920] [PID.] [MD5.64E413BA0C529AA40C3924BBCC4153DB] - (.Pas de propriétaire - nTitles PSIService.) -- C:\WINDOWS\system32\PSIService.exe [174656] [PID.] [MD5.543A4EF0923BF70D126625B034EF25AF] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe [189728] [PID.] [MD5.2E7315B147E524E055026E6634B14EA6] - (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [128360] [PID.] [MD5.29C45F29E6B60BBF554DD89E499D384E] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe [165000] [PID.] [MD5.A2E16406728BE43076473A99C2F13678] - (.McAfee, Inc. - McAfee Core Firewall Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe [159832] [PID.] [MD5.FEAE215A64318D84A2077E105D27DC0B] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16859136] [PID.3564] [MD5.0D034E8C4F88C5B2B0C1AF3CF438CC4F] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [86016] [PID.3576] [MD5.10BAE7A1B4027833428220391EACAE49] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1105920] [PID.3616] [MD5.A528A87BF0CFF1BCA1AD2AB70B4B5CFD] - (.Wistron - HotkeyApp.) -- C:\Program Files\Launch Manager\HotkeyApp.exe [192512] [PID.3624] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792] [PID.3672] [MD5.02095B7B324A2D19AF30A23796E2A13F] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe [1312384] [PID.3688] [MD5.CDE36A1A95BB1F9CF77C03B9E01EDE8B] - (.Mediafour Corporation - MacDrive application.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe [167936] [PID.3804] [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.3924] [MD5.33BFCE71F407F24E5DFDB7DD46CE2D6D] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [449584] [PID.3932] [MD5.EB2CC7A2441AA4477BCE761800168CCC] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [1840424] [PID.3956] [MD5.B0E6FAA0F0EAD4772C545A3737EFB47F] - (.Wistron Corp. - Pas de description.) -- C:\Program Files\Launch Manager\WisLMSvc.exe [118784] [PID.] [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.3976] [MD5.62F68443D244024845B875B44D76A92F] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [537896] [PID.] [MD5.469922A70BA4F71F7D7582ED1E58ED80] - (.Two_toNe - Customize Taskbar Ver1.2.0.) -- D:\TClock\Tclock2_120fr\Tclock2_120fr\tclock2.exe [90624] [PID.2908] [MD5.BE11DA966D6FC74F2137306FB260F6A4] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [1017912] [PID.412] [MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [669696] [PID.1772] [MD5.A1F15ABE56BE5B7D7778221A1567231B] - (.Corel - Standby service.) -- C:\Program Files\Fichiers communs\Corel\Standby\Standby.exe [105632] [PID.1792] [MD5.8038AC11981949FCF4BA7269B0215977] - (.Ghisler Software GmbH - Total Commander 32 bit.) -- C:\Program Files\totalcmd\TOTALCMD.EXE [3520256] [PID.248] [MD5.67949CC8A865296C1333C96A4E1A2D66] - (.Microsoft Corporation - Serveur de gestion de ressources des cartes.) -- C:\WINDOWS\System32\SCardSvr.exe [100352] [PID.] [MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.] ~ Scan Processes Running in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G0 - GCSP: Preference [user Data\Default] Google ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\mvh\Application Data\Mozilla\Firefox\Profiles\tcbe9daq.default\prefs.js C:\Documents and Settings\mvh\Application Data\Mozilla\Firefox\Profiles\tcbe9daq.default\user.js (.not file.) M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [mvh - tcbe9daq.default] Google M2 - MFEP: prefs.js [mvh - tcbe9daq.default\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}] [] iMacros for Firefox v7.2.2.0 (.iMacros Team, iOpus Software GmbH.) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- c:\progra~1\mcafee\msc\npmcsn~1.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@rayv.com/rayvplugin] - (.RayV - RayV Plugin.) -- C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (...) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll (.not file.) P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing R1 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\Software\Microsoft\Internet Explorer\Main,Search Page = R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} . (.Tracker Softaware - Pas de description.) -- C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20110721222730.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\Windo O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: PDFXChange 4.0 IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} . (.Tracker Softaware - Pas de description.) -- C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe O4 - HKLM\..\Run: [soundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe O4 - HKLM\..\Run: [AlcWzrd] . (.RealTek Semicoductor Corp. - RealTek AlcWzrd Application.) -- C:\WINDOWS\ALCWZRD.exe O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HotkeyApp] . (.Wistron - HotkeyApp.) -- C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [iTSecMng] . (. TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] . (.Adobe Systems Incorporated - Adobe CS4 Service Manager.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] bthprops.cpl O4 - HKLM\..\Run: [standby] . (.Corel - Standby service.) -- c:\Program Files\Fichiers communs\Corel\Standby\Standby.exe O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [MacDrive 8 application] . (.Mediafour Corporation - MacDrive application.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe O4 - HKLM\..\Run: [Getting started with MacDrive 8] . (.Mediafour Corporation - Get Started with MacDrive.) -- C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe (.not file.) O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe (.not file.) O4 - HKLM\..\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe (.not file.) O4 - HKLM\..\Run: [beidsystemtray] . (.Zetes - beidsystemtray.) -- C:\Program Files\Belgium Identity Card\beidsystemtray.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Bridge CS4.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Device Central CS4.lnk . (.Adobe Systems.) -- C:\Program Files\Adobe\Adobe Device Central CS4\DeviceCentral.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Dreamweaver CS4.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Drive CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Fichiers communs\Adobe\Adobe Drive CS4\ConnectUI\Adobe Drive CS4.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe ExtendScript Toolkit CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit CS4\ExtendScript Toolkit.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Extension Manager CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe Extension Manager CS4\Adobe Extension Manager CS4.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Flash CS4 Professional.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files\Adobe\Adobe Flash CS4\Flash.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Help.lnk . (...) -- C:\Program Files\Adobe\Adobe Help\Adobe Help.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Media Encoder CS4.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Adobe Media Encoder CS4\Adobe Media Encoder.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop CS4.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop Lightroom 2.7.lnk . (.Adobe Systems.) -- C:\Program Files\Adobe\Adobe Photoshop Lightroom 2.7\lightroom.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Pixel Bender Toolkit.lnk . (...) -- C:\Program Files\Adobe\Adobe Utilities\Pixel Bender Toolkit\pixel_bender_toolkit.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Nitro PDF Professional.lnk . (...) -- C:\WINDOWS\Installer\{19DCEAAA-AC36-4C34-B1D5-5B94BF6E4BC6}\Professional.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Open Cellar Home Edition 1.2.lnk . (...) -- C:\WINDOWS\Installer\{1F0944C8-C099-4E12-8F0C-617316731B58}\_18be6784.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Sudoku Up.lnk . (...) -- C:\Program Files\Sudoku Up\SudokuUp.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Live ID.lnk . (.Microsoft Corporation.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe O8 - Extra context menu item: Sothink SWF Catcher . (...) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} . (.Pas de propriétaire - WinHTTrackIEBar Module.) -- C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Launch WinHTTrack - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} . (.SourceTec - Sothink SWF Catcher.) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\SWFCatcher.dll O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.SourceTec - Sothink SWF Catcher.) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\SWFCatcher.dll O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.mypix.com/be/fr/fw_model/domain/library/aurigma/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232811232187 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232999836765 O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://ccff02.minfin.fgov.be/CCFF_Authentication/views/login/signature/capicom.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer = 192.168.2.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} . (.McAfee, Inc. - McAfee MSC IE plugin DLL.) -- c:\progra~1\mcafee\msc\mcsniepl.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (...) -- C:\WINDOWS\system32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Scan Winlogon in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: eID CRL Service (eID CRL Service) . (. Zetes - Belgium Identity Card CRL Service.) - C:\WINDOWS\system32\beidservicecrl.exe O23 - Service: eID Privacy Service (eID Privacy Service) . (.Zetes - Belgium Identity Card Service.) - C:\WINDOWS\system32\beidservicepcsc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MacDrive 8 service (MacDrive8Service) . (.Mediafour Corporation - MacDrive service.) - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) . (.Nitro PDF Software - Solid Spool Service.) - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe O23 - Service: NLS Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\WINDOWS\system32\NLSSRV32.exe O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: ProtexisLicensing (ProtexisLicensing) . (.Pas de propriétaire - nTitles PSIService.) - C:\WINDOWS\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006Core.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006UA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OGALogon.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\One-Click Tweak.job [MD5.1DDB6CA106D92FBB7E2138DF1360EC26] [APT] [Ad-Aware Update (Weekly)] (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006Core] (.Google Inc..) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006UA] (.Google Inc..) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [OGALogon] (...) -- C:\WINDOWS\system32\OGAexeC.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [One-Click Tweak] (...) -- C:\Program Files\Advanced PC Tweaker\OneClick.exe (.not file.) ~ Scan Scheduled Task in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (AmdK7) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\amdk7.sys O41 - Driver: (CBDisk) . (.EldoS Corporation - CallbackDisk Virtual Storage Driver.) - C:\WINDOWS\system32\drivers\CBDisk.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: McAfee Inc. mfetdi2k (mfetdi2k) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\WINDOWS\system32\drivers\mfetdi2k.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\system32\DRIVERS\wmiacpi.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8} O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O42 - Logiciel: Adobe Dreamweaver CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_acce07fd2c8fe7f9e3f26243e626578 O42 - Logiciel: Adobe Flash CS4 Professional - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_a68eec966ce913ddaa63251dc82ed31 O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_faf656ef605427ee2f42989c3ad31b8 O42 - Logiciel: Autopano Giga - (.Kolor.) [HKLM] -- Autopano Giga O42 - Logiciel: BIS TV Viewer - (.RayV.) [HKLM] -- RayV O42 - Logiciel: Belgium Identity Card Run-time 2.6 - (.Fedict.) [HKLM] -- InstallShield_{EA248851-A7D5-4906-8C46-A3CA267F6A24} O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent O42 - Logiciel: Capturino V2 - (.Pas de propriétaire.) [HKCU] -- Capturino V2 O42 - Logiciel: ColorPic - (.Iconico.) [HKLM] -- ColorPic O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- _{72DB27D3-FE05-4227-AF5A-11CD101ECF09} O42 - Logiciel: Corel PaintShop Photo Pro X3 - (.Corel Corporation.) [HKLM] -- _{D1AEB5DB-04FA-489D-94EF-8600898B93EE} O42 - Logiciel: CorelDRAW® Graphics Suite X5 - (.Corel Corporation.) [HKLM] -- _{CE54DCE1-E00A-4D91-ACB9-A2D916C24051} O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1 O42 - Logiciel: DVDFab 8.0.6.8 (05/01/2011) - (.Fengtao Software Inc..) [HKLM] -- DVDFab 8_is1 O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler O42 - Logiciel: Deluxe Pacman (1.70) - (.Pas de propriétaire.) [HKLM] -- Deluxe Pacman_is1 O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2} O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities O42 - Logiciel: FTP Expert 3 - (.Pas de propriétaire.) [HKLM] -- FTP Expert 3 O42 - Logiciel: GPL Ghostscript 8.64 - (.Pas de propriétaire.) [HKLM] -- GPL Ghostscript 8.64 O42 - Logiciel: GSview 4.9 - (.Pas de propriétaire.) [HKLM] -- GSview 4.9 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Hamster Free Video Convertor - (.Hamster Soft.) [HKLM] -- {7E350663-86D3-466A-AB79-28156A9ABF6E}_is1 O42 - Logiciel: HamsterFreeVideoConverter - (.HamsterSoft, Inc..) [HKLM] -- Hamster Free Video Converter_is1 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946040 O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946308 O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946344 O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB947540 O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB947789 O42 - Logiciel: Hotfix for Windows XP (KB915800-v4) - (.Microsoft Corporation.) [HKLM] -- KB915800-v4 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: Image Mender 1.22 - (.Phibit Software.) [HKLM] -- Image Mender O42 - Logiciel: Image Resize Guide 1.0.1 - (.Two Pilots.) [HKLM] -- Image Resize Guide_is1 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: JMicron JMB38X Flash Media Controller - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C} O42 - Logiciel: JPEGCrops 0.7.5 beta - (.Pas de propriétaire.) [HKLM] -- {DEAD07C6-D070-43AB-A60D-D9ABE55E296D}_is1 O42 - Logiciel: KeyChanger Office Edition - (.Keytech-Software.) [HKLM] -- KeyChanger Office Edition2.0 O42 - Logiciel: La cave du sommelier 2 - (.DP Software.) [HKLM] -- {8A37B952-0B30-477D-923D-15C19411F924}_is1 O42 - Logiciel: Launch Manager V1.4.9 - (.Wistron Corp..) [HKLM] -- {D0846526-66DD-4DC9-A02C-98F9A2806812} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST O42 - Logiciel: MaCave - (.Pas de propriétaire.) [HKCU] -- MACAVEExécutable O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: McAfee AntiVirus Plus - (.McAfee, Inc..) [HKLM] -- MSC O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft Kernel-Mode Driver Framework 1.0 - (.Microsoft Corporation.) [HKLM] -- Wdf01000 O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr) O42 - Logiciel: NoWires Plugin v1.5 - (.Pavel Dovgalyuk.) [HKLM] -- {BA119399-31E4-4FEE-9DC0-D0B1E1B7364A}_is1 O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693 O42 - Logiciel: Pdf995 - (.Pas de propriétaire.) [HKLM] -- Pdf995 O42 - Logiciel: Photomatix Pro version 3.2.2 - (.HDRsoft Sarl.) [HKLM] -- PhotomatixPro3Betax32_is1 O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Registry Healer 4.5.0 uninstall - (.KsL Software.) [HKLM] -- RegHealer_is2 O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97} O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472 O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: Services Off-line de Home'Bank 5.11 - (.ING Belgium.) [HKLM] -- Services Off-line de Home'Bank_is1 O42 - Logiciel: Sothink FLV Player - (.SourceTec Software Co., LTD.) [HKLM] -- {CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1 O42 - Logiciel: Sothink SWF Decompiler - (.SourceTec Software Co., LTD.) [HKLM] -- {BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1 O42 - Logiciel: Sothink SWF Quicker - (.SourceTec Software Co., LTD.) [HKLM] -- {D3490D20-3AE0-459D-AAD6-59195140EAC2}_is1 O42 - Logiciel: Sothink Web Video Downloader - (.SourceTec Software Co., LTD.) [HKLM] -- {8C52A46C-7961-4A81-AB4B-92CF65CB4772}_is1 O42 - Logiciel: Sudoku Up 2009 v3.0 - (.TreeCardGames.com.) [HKLM] -- Sudoku Up_is1 O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Total Commander (Remove or Repair) - (.Ghisler Software GmbH.) [HKLM] -- Totalcmd O42 - Logiciel: TweakNow PowerPack 2010 - (.TweakNow.com.) [HKLM] -- TweakNow PowerPack 2010_is1 O42 - Logiciel: UltraISO Premium V9.32 - (.Pas de propriétaire.) [HKLM] -- UltraISO_is1 O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1365864D-4C58-489D-9982-844D75691CCC} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553975) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{59D8F1FE-7B08-4F0E-840C-D1BF93D22A6C} O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 O42 - Logiciel: WDConver - (.Pas de propriétaire.) [HKCU] -- LOGICAVE II O42 - Logiciel: WinHTTrack Website Copier 3.43-9C - (.HTTrack.) [HKLM] -- WinHTTrack Website Copier_is1 O42 - Logiciel: WinRAR 4.00 (32 bits) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9 O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP O42 - Logiciel: XnView 1.97.6 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1 ---\\ HKCU & HKLM Software Keys [HKCU\Software\ASProtect] [HKCU\Software\ATI Technologies Inc.] [HKCU\Software\ATI] [HKCU\Software\Adobe Lightroom] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Aurigma] [HKCU\Software\BBL] [HKCU\Software\BEID] [HKCU\Software\Bitstream] [HKCU\Software\Bugsplat] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Corel] [HKCU\Software\DAMN] [HKCU\Software\DPSoftware] [HKCU\Software\DVD Shrink] [HKCU\Software\DVDFab] [HKCU\Software\Data Dynamics] [HKCU\Software\DivXNetworks] [HKCU\Software\EasyBoot Systems] [HKCU\Software\Eltima Software] [HKCU\Software\EmSoft] [HKCU\Software\Enigma Protector] [HKCU\Software\Etab Bazile] [HKCU\Software\Fedict] [HKCU\Software\Fujitsu] [HKCU\Software\GPL Ghostscript] [HKCU\Software\Ghisler] [HKCU\Software\Google] [HKCU\Software\Guillaume Lacasa] [HKCU\Software\Hamster] [HKCU\Software\HotkeyPanel] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Kolor] [HKCU\Software\KsL Software] [HKCU\Software\Lavasoft] [HKCU\Software\Licenses] [HKCU\Software\Loisirsoftware] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\McAfee] [HKCU\Software\MimarSinan] [HKCU\Software\MozillaPlugins] [HKCU\Software\MultimediaPhoto] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\New_World_software] [HKCU\Software\Nico Mak Computing] [HKCU\Software\Nitro PDF] [HKCU\Software\NoWires] [HKCU\Software\Nokia] [HKCU\Software\ODBC] [HKCU\Software\PC SOFT] [HKCU\Software\Pando Networks] [HKCU\Software\Phibit Software] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Protexis] [HKCU\Software\RayV] [HKCU\Software\Realtek] [HKCU\Software\Revenger inc.] [HKCU\Software\Reviversoft] [HKCU\Software\RocketDock] [HKCU\Software\Samsung PC Studio] [HKCU\Software\Samsung] [HKCU\Software\SolidDocuments] [HKCU\Software\SourceTec] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\TClock2] [HKCU\Software\Tracker Software] [HKCU\Software\Trolltech] [HKCU\Software\TweakNow PowerPack] [HKCU\Software\UberIcon-v1.0.0] [HKCU\Software\Ulead Systems] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\WinHTTrack Website Copier] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\WinZip Computing] [HKCU\Software\Wintertree] [HKCU\Software\XemiComputers] [HKCU\Software\XnView] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Zugo] [HKCU\Software\e] [HKCU\Software\iMacros] [HKLM\Software\ACR38PCSCInstaller] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\America Online] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Bitstream] [HKLM\Software\Borland] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\CAVEditLib] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Corel] [HKLM\Software\DAMN] [HKLM\Software\DPSoftware] [HKLM\Software\DVDFab] [HKLM\Software\DivXNetworks] [HKLM\Software\EasyBoot Systems] [HKLM\Software\EmSoft] [HKLM\Software\FSC] [HKLM\Software\Fedict] [HKLM\Software\GPL Ghostscript] [HKLM\Software\Gemplus] [HKLM\Software\Ghostgum] [HKLM\Software\Google] [HKLM\Software\HotkeyPanel] [HKLM\Software\Iconico] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel Corporation] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KeyChanger Office Edition2] [HKLM\Software\Kolor] [HKLM\Software\Launch Manager] [HKLM\Software\Lavasoft] [HKLM\Software\Liant Software Corporation] [HKLM\Software\Licenses] [HKLM\Software\MAT] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\McAfee.com] [HKLM\Software\McAfee] [HKLM\Software\Mediafour] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nalpeiron] [HKLM\Software\NeroDigital] [HKLM\Software\Nero] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Nitro PDF] [HKLM\Software\ODBC] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\PDF995] [HKLM\Software\Pando Networks] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Protexis] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Reviversoft] [HKLM\Software\Sage] [HKLM\Software\Samsung] [HKLM\Software\Schlumberger] [HKLM\Software\SourceTec] [HKLM\Software\Synaptics] [HKLM\Software\Toshiba] [HKLM\Software\Tracker Software] [HKLM\Software\TrendMicro] [HKLM\Software\Trolltech] [HKLM\Software\TweakNow PowerPack] [HKLM\Software\Two Pilots] [HKLM\Software\Ulead Systems] [HKLM\Software\VideoLAN] [HKLM\Software\Visicom Media] [HKLM\Software\WinASO] [HKLM\Software\WinHTTrack Website Copier] [HKLM\Software\WinRAR] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\XnView] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 11/03/2011 - 22:29:36 - [2211623690] ----D- C:\Program Files\Adobe O43 - CFD: 7/08/2009 - 21:36:56 - [2241762] ----D- C:\Program Files\Advanced DHTML Popup Pro V2 O43 - CFD: 24/01/2009 - 18:54:38 - [986508] ----D- C:\Program Files\Apex O43 - CFD: 18/07/2011 - 14:21:10 - [2428606] ----D- C:\Program Files\Apple Software Update O43 - CFD: 24/01/2009 - 12:15:28 - [108224356] ----D- C:\Program Files\ATI Technologies O43 - CFD: 30/08/2011 - 18:26:52 - [13949430] ----D- C:\Program Files\Belgium Identity Card O43 - CFD: 20/04/2011 - 8:33:28 - [491320] ----D- C:\Program Files\BitTorrent O43 - CFD: 4/02/2009 - 21:51:44 - [1673938] ----D- C:\Program Files\Capturino V2 O43 - CFD: 3/08/2010 - 8:27:28 - [1367471] ----D- C:\Program Files\Ciel O43 - CFD: 1/10/2010 - 18:53:26 - [432555] ----D- C:\Program Files\ColorPic 4.1 O43 - CFD: 25/06/2008 - 10:44:18 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 24/04/2010 - 21:01:42 - [2532179819] ----D- C:\Program Files\Corel O43 - CFD: 20/06/2009 - 20:30:18 - [184737] ----D- C:\Program Files\DAMN NFO Viewer O43 - CFD: 20/04/2011 - 19:59:34 - [4176624] ----D- C:\Program Files\Defraggler O43 - CFD: 8/08/2009 - 16:24:42 - [3590022] ----D- C:\Program Files\Deluxe Pacman O43 - CFD: 28/06/2010 - 21:52:10 - [800824] ----D- C:\Program Files\DIFX O43 - CFD: 1/03/2009 - 0:02:12 - [826141] ----D- C:\Program Files\DivX O43 - CFD: 28/01/2011 - 22:02:22 - [979856] ----D- C:\Program Files\DVD Shrink O43 - CFD: 29/01/2011 - 0:47:50 - [40698919] ----D- C:\Program Files\DVDFab 8 O43 - CFD: 18/12/2009 - 18:24:04 - [745259475] ----D- C:\Program Files\eMule O43 - CFD: 15/01/2010 - 20:05:32 - [0] ----D- C:\Program Files\EPSON O43 - CFD: 1/03/2011 - 19:44:44 - [1726353423] ----D- C:\Program Files\Fichiers communs O43 - CFD: 10/06/2009 - 21:11:12 - [3555935] ----D- C:\Program Files\Ghostgum O43 - CFD: 10/06/2009 - 21:05:58 - [22876732] ----D- C:\Program Files\gs O43 - CFD: 28/08/2011 - 14:20:08 - [57080457] ----D- C:\Program Files\Hamster Soft O43 - CFD: 24/12/2009 - 0:26:54 - [7255989] ----D- C:\Program Files\Image Mender O43 - CFD: 18/09/2009 - 21:37:34 - [7408938] ----D- C:\Program Files\Image Resize Guide O43 - CFD: 1/02/2009 - 19:01:26 - [39268220] ----D- C:\Program Files\ING O43 - CFD: 18/05/2011 - 19:27:04 - [26856809] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 15/06/2009 - 22:04:28 - [4094125] ----D- C:\Program Files\Intel Corporation O43 - CFD: 10/08/2011 - 21:04:16 - [6087272] ----D- C:\Program Files\Internet Explorer O43 - CFD: 9/07/2011 - 13:13:08 - [91938518] ----D- C:\Program Files\Java O43 - CFD: 17/08/2009 - 21:36:48 - [2608774] ----D- C:\Program Files\JPEGCrops O43 - CFD: 2/02/2010 - 23:48:50 - [415599] ----D- C:\Program Files\KeyChanger Office Edition O43 - CFD: 21/06/2009 - 20:59:16 - [38285535] ----D- C:\Program Files\Kolor O43 - CFD: 30/08/2011 - 18:18:58 - [55753617] ----D- C:\Program Files\La cave du sommelier 2 O43 - CFD: 27/01/2009 - 21:37:30 - [699097] ----D- C:\Program Files\Launch Manager O43 - CFD: 9/06/2011 - 17:55:16 - [39552019] ----D- C:\Program Files\Lavasoft O43 - CFD: 12/06/2011 - 21:01:20 - [32788430] ----D- C:\Program Files\Logicave II O43 - CFD: 30/08/2011 - 18:44:40 - [6953643] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 17/06/2011 - 18:47:22 - [3818669] ----D- C:\Program Files\Matthieu DUCROCQ O43 - CFD: 9/05/2010 - 18:14:00 - [232645437] ----D- C:\Program Files\McAfee O43 - CFD: 10/05/2010 - 17:43:56 - [2175257] ----D- C:\Program Files\McAfee.com O43 - CFD: 24/09/2009 - 22:12:02 - [74874326] ----D- C:\Program Files\Mediafour O43 - CFD: 24/01/2009 - 17:44:26 - [2152579] ----D- C:\Program Files\Messenger O43 - CFD: 28/10/2010 - 18:40:42 - [752723] ----D- C:\Program Files\Microsoft O43 - CFD: 19/05/2011 - 18:42:22 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 25/06/2008 - 10:45:04 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 30/06/2011 - 6:56:44 - [585358876] ----D- C:\Program Files\Microsoft Office O43 - CFD: 3/03/2010 - 20:04:34 - [246784] ----D- C:\Program Files\Microsoft SDKs O43 - CFD: 17/06/2011 - 13:38:06 - [38411899] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 28/01/2009 - 22:31:38 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 28/01/2009 - 22:28:26 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 3/03/2010 - 20:07:20 - [86607837] ----D- C:\Program Files\Microsoft Visual Studio 9.0 O43 - CFD: 23/04/2011 - 8:58:14 - [0] ----D- C:\Program Files\Microsoft Windows 7 Upgrade Advisor O43 - CFD: 1/05/2009 - 16:59:40 - [3726168] ----D- C:\Program Files\Microsoft Works O43 - CFD: 16/08/2010 - 14:11:16 - [8203663] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 12/08/2010 - 22:59:02 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 28/08/2011 - 19:01:16 - [32692538] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 28/01/2009 - 23:08:10 - [26521] ----D- C:\Program Files\MSBuild O43 - CFD: 24/01/2009 - 19:09:20 - [21471559] ----D- C:\Program Files\MSN O43 - CFD: 25/06/2008 - 10:45:10 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 26/01/2009 - 22:04:18 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 30/01/2011 - 14:05:14 - [639766283] ----D- C:\Program Files\Nero O43 - CFD: 24/01/2009 - 19:19:48 - [0] ----D- C:\Program Files\NeroInstall.bak O43 - CFD: 25/06/2008 - 10:45:12 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 18/01/2011 - 22:43:44 - [125604648] ----D- C:\Program Files\Nitro PDF O43 - CFD: 28/06/2010 - 21:52:14 - [1534] ----D- C:\Program Files\Nokia O43 - CFD: 11/03/2010 - 0:59:28 - [704526] ----D- C:\Program Files\NoWires Plugin O43 - CFD: 25/06/2008 - 10:47:16 - [1804] ----D- C:\Program Files\Online Services O43 - CFD: 16/12/2010 - 23:21:48 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 16/04/2011 - 23:38:10 - [7390817] ----D- C:\Program Files\Pando Networks O43 - CFD: 28/06/2010 - 21:52:04 - [13394442] ----D- C:\Program Files\PC Connectivity Solution O43 - CFD: 22/09/2009 - 22:45:20 - [13795016] ----D- C:\Program Files\pdf995 O43 - CFD: 18/09/2009 - 20:59:12 - [10624522] ----D- C:\Program Files\PhotomatixPro3 O43 - CFD: 28/02/2011 - 19:10:34 - [76322555] ----D- C:\Program Files\QuickTime O43 - CFD: 18/02/2010 - 23:32:26 - [13012823] ----D- C:\Program Files\RayV O43 - CFD: 28/01/2009 - 23:08:04 - [85987492] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 1/02/2009 - 18:57:48 - [1273083] ----D- C:\Program Files\RegHealer O43 - CFD: 29/03/2009 - 19:06:20 - [201283862] ----D- C:\Program Files\Samsung O43 - CFD: 25/06/2008 - 10:47:16 - [1025] ----D- C:\Program Files\Services en ligne O43 - CFD: 19/09/2010 - 0:16:00 - [61131941] ----D- C:\Program Files\SourceTec O43 - CFD: 24/04/2010 - 19:52:08 - [0] ----D- C:\Program Files\SpeedProject O43 - CFD: 9/10/2009 - 21:24:08 - [40051127] ----D- C:\Program Files\Sudoku Up O43 - CFD: 24/01/2009 - 12:48:04 - [33213011] ----D- C:\Program Files\Synaptics O43 - CFD: 24/01/2009 - 19:11:02 - [51830980] ----D- C:\Program Files\Toshiba O43 - CFD: 16/08/2009 - 22:45:28 - [7857400] ----D- C:\Program Files\totalcmd O43 - CFD: 16/10/2010 - 12:10:00 - [59684431] ----D- C:\Program Files\Tracker Software O43 - CFD: 31/08/2011 - 19:53:00 - [410314] ----D- C:\Program Files\Trend Micro O43 - CFD: 1/01/2011 - 15:09:58 - [26565543] ----D- C:\Program Files\TweakNow PowerPack 2010 O43 - CFD: 11/10/2009 - 21:21:16 - [3] ----D- C:\Program Files\TweakNow PowerPack Pro O43 - CFD: 18/09/2009 - 21:36:16 - [32256] ----D- C:\Program Files\Two Pilots O43 - CFD: 3/02/2009 - 1:36:36 - [6033675] ----D- C:\Program Files\UltraISO O43 - CFD: 1/01/2011 - 15:11:30 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 5/04/2009 - 20:47:02 - [74466874] ----D- C:\Program Files\VideoLAN O43 - CFD: 2/12/2009 - 22:13:12 - [8037977] ----D- C:\Program Files\Visicom Media O43 - CFD: 11/06/2009 - 23:12:16 - [5418300] ----D- C:\Program Files\Windows Desktop Search O43 - CFD: 20/01/2011 - 20:58:44 - [81920056] ----D- C:\Program Files\Windows Live O43 - CFD: 5/04/2009 - 21:05:48 - [245112] ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 28/01/2010 - 22:03:36 - [14346481] ----D- C:\Program Files\Windows Media Components O43 - CFD: 24/01/2009 - 17:42:52 - [3581070] ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD: 24/01/2009 - 17:42:52 - [8278281] ----D- C:\Program Files\Windows Media Player O43 - CFD: 25/06/2008 - 10:47:18 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 25/06/2008 - 10:47:20 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 17/09/2010 - 18:46:16 - [12849690] ----D- C:\Program Files\WinHTTrack O43 - CFD: 12/05/2011 - 20:31:22 - [738770532] ----D- C:\Program Files\WinRAR O43 - CFD: 22/05/2010 - 21:57:46 - [17402572] ----D- C:\Program Files\WinZip O43 - CFD: 7/10/2010 - 18:45:38 - [53760] ----D- C:\Program Files\Wondershare O43 - CFD: 4/02/2010 - 23:04:38 - [51760923] ----D- C:\Program Files\WordPerfect Mail Setup O43 - CFD: 18/09/2009 - 20:33:40 - [44032] ----D- C:\Program Files\XemiComputers O43 - CFD: 25/06/2008 - 10:47:20 - [0] ----D- C:\Program Files\xerox O43 - CFD: 13/08/2010 - 17:27:00 - [9407201] ----D- C:\Program Files\XnView O43 - CFD: 1/09/2011 - 18:39:52 - [4013778] ----D- C:\Program Files\ZHPDiag O43 - CFD: 11/03/2011 - 22:29:42 - [840028195] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 22/05/2010 - 9:38:22 - [32159844] ----D- C:\Program Files\Fichiers Communs\Adobe AIR O43 - CFD: 5/04/2010 - 14:28:16 - [54774793] ----D- C:\Program Files\Fichiers Communs\Apple O43 - CFD: 24/04/2010 - 20:57:24 - [6235983] ----D- C:\Program Files\Fichiers Communs\Corel O43 - CFD: 28/01/2009 - 22:31:36 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER O43 - CFD: 3/02/2009 - 1:35:34 - [262144] ----D- C:\Program Files\Fichiers Communs\EZB Systems O43 - CFD: 7/08/2009 - 21:36:56 - [19215972] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 1/03/2011 - 19:44:44 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 5/02/2009 - 0:41:00 - [655885] ----D- C:\Program Files\Fichiers Communs\Macrovision Shared O43 - CFD: 9/05/2010 - 18:13:36 - [26574076] ----D- C:\Program Files\Fichiers Communs\McAfee O43 - CFD: 11/11/2010 - 19:31:16 - [2368512] ----D- C:\Program Files\Fichiers Communs\Mediafour O43 - CFD: 28/10/2010 - 18:40:58 - [301151020] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 25/06/2008 - 10:44:54 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 30/01/2011 - 14:05:30 - [153452020] ----D- C:\Program Files\Fichiers Communs\Nero O43 - CFD: 18/01/2011 - 22:43:46 - [16539614] ----D- C:\Program Files\Fichiers Communs\Nitro PDF O43 - CFD: 25/06/2008 - 10:44:54 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 23/04/2010 - 20:30:28 - [3166048] ----D- C:\Program Files\Fichiers Communs\Protexis O43 - CFD: 24/12/2009 - 20:20:36 - [614400] ----D- C:\Program Files\Fichiers Communs\Sage O43 - CFD: 25/06/2008 - 10:44:54 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 19/09/2010 - 0:16:04 - [6593577] ----D- C:\Program Files\Fichiers Communs\SourceTec O43 - CFD: 25/06/2008 - 10:44:54 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 1/05/2009 - 16:58:28 - [41360630] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 24/04/2010 - 20:51:34 - [56216709] ----D- C:\Program Files\Fichiers Communs\Ulead Systems O43 - CFD: 5/04/2009 - 21:02:00 - [141128236] ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 24/01/2009 - 18:54:52 - [18424343] -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller O43 - CFD: 13/03/2011 - 16:21:28 - [73435590] ----D- C:\Documents and Settings\mvh\Application Data\Adobe O43 - CFD: 16/07/2009 - 14:54:00 - [2590] ----D- C:\Documents and Settings\mvh\Application Data\Apple Computer O43 - CFD: 24/01/2009 - 23:06:34 - [0] ----D- C:\Documents and Settings\mvh\Application Data\ATI O43 - CFD: 18/05/2011 - 19:29:24 - [8890] ----D- C:\Documents and Settings\mvh\Application Data\beid-cache O43 - CFD: 24/08/2011 - 21:12:00 - [3700789] ----D- C:\Documents and Settings\mvh\Application Data\BitTorrent O43 - CFD: 24/05/2010 - 22:11:04 - [8458] ----D- C:\Documents and Settings\mvh\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O43 - CFD: 28/04/2011 - 20:46:22 - [2560] ----D- C:\Documents and Settings\mvh\Application Data\Classes de site O43 - CFD: 24/04/2010 - 20:24:48 - [44891668] ----D- C:\Documents and Settings\mvh\Application Data\Corel O43 - CFD: 5/04/2009 - 20:48:30 - [0] ----D- C:\Documents and Settings\mvh\Application Data\DivX O43 - CFD: 12/09/2009 - 14:58:02 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Download Manager O43 - CFD: 18/01/2011 - 22:41:22 - [605446144] ----D- C:\Documents and Settings\mvh\Application Data\Downloaded Installations O43 - CFD: 29/07/2011 - 22:23:40 - [199] ----D- C:\Documents and Settings\mvh\Application Data\dvdcss O43 - CFD: 2/12/2009 - 22:15:22 - [109199] ----D- C:\Documents and Settings\mvh\Application Data\Dynamique O43 - CFD: 15/02/2010 - 0:29:08 - [1806797] ----D- C:\Documents and Settings\mvh\Application Data\e O43 - CFD: 14/01/2011 - 0:15:32 - [179] ----D- C:\Documents and Settings\mvh\Application Data\HamsterSoft O43 - CFD: 25/06/2008 - 10:43:08 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Identities O43 - CFD: 18/09/2009 - 21:36:40 - [932] ----D- C:\Documents and Settings\mvh\Application Data\ImageResizeGuide O43 - CFD: 27/01/2009 - 19:44:40 - [353953] ----D- C:\Documents and Settings\mvh\Application Data\Macromedia O43 - CFD: 30/08/2011 - 18:44:44 - [4490] ----D- C:\Documents and Settings\mvh\Application Data\Malwarebytes O43 - CFD: 9/07/2011 - 8:35:26 - [6477630] -S--D- C:\Documents and Settings\mvh\Application Data\Microsoft O43 - CFD: 6/06/2011 - 18:39:54 - [17979993] ----D- C:\Documents and Settings\mvh\Application Data\Mozilla O43 - CFD: 31/01/2011 - 19:25:08 - [2564760] ----D- C:\Documents and Settings\mvh\Application Data\Nero O43 - CFD: 23/04/2011 - 18:53:38 - [210906] ----D- C:\Documents and Settings\mvh\Application Data\Nitro PDF O43 - CFD: 22/09/2009 - 22:10:32 - [356] ----D- C:\Documents and Settings\mvh\Application Data\Office Genuine Advantage O43 - CFD: 28/06/2010 - 21:54:08 - [446] ----D- C:\Documents and Settings\mvh\Application Data\PC Suite O43 - CFD: 18/03/2009 - 23:06:28 - [28] ----D- C:\Documents and Settings\mvh\Application Data\pdf995 O43 - CFD: 14/05/2011 - 20:58:08 - [4215305] ----D- C:\Documents and Settings\mvh\Application Data\RayV O43 - CFD: 16/04/2011 - 21:44:26 - [1507395] ----D- C:\Documents and Settings\mvh\Application Data\Reviversoft O43 - CFD: 10/03/2009 - 22:49:50 - [21] ----D- C:\Documents and Settings\mvh\Application Data\Samsung O43 - CFD: 28/04/2011 - 20:46:22 - [581120] ----D- C:\Documents and Settings\mvh\Application Data\Sites O43 - CFD: 30/01/2009 - 19:42:00 - [80694482] ----D- C:\Documents and Settings\mvh\Application Data\Sun O43 - CFD: 9/10/2009 - 21:24:10 - [57722] ----D- C:\Documents and Settings\mvh\Application Data\TreeCardGames O43 - CFD: 11/10/2009 - 21:21:16 - [705] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack O43 - CFD: 24/04/2010 - 19:50:50 - [3669520] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack 2009 O43 - CFD: 24/04/2010 - 19:39:04 - [8192] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack 2010 O43 - CFD: 24/04/2010 - 21:02:40 - [53000] ----D- C:\Documents and Settings\mvh\Application Data\Ulead Systems O43 - CFD: 20/02/2010 - 11:07:02 - [230969] ----D- C:\Documents and Settings\mvh\Application Data\VitySoft O43 - CFD: 28/08/2011 - 14:35:06 - [476426] ----D- C:\Documents and Settings\mvh\Application Data\vlc O43 - CFD: 24/01/2009 - 23:06:30 - [196] ----D- C:\Documents and Settings\mvh\Application Data\Windows Desktop Search O43 - CFD: 3/07/2009 - 10:00:12 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Windows Search O43 - CFD: 1/05/2009 - 15:48:16 - [12] ----D- C:\Documents and Settings\mvh\Application Data\WinRAR O43 - CFD: 18/09/2009 - 20:33:50 - [3124278] ----D- C:\Documents and Settings\mvh\Application Data\XemiComputers O43 - CFD: 15/04/2011 - 20:23:34 - [115769] ----D- C:\Documents and Settings\mvh\Application Data\XnView O43 - CFD: 23/05/2010 - 20:47:48 - [35092985] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Adobe O43 - CFD: 19/04/2009 - 14:04:48 - [7078274] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Ahead O43 - CFD: 16/07/2009 - 14:51:52 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Apple O43 - CFD: 16/07/2009 - 14:51:02 - [96361370] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Apple Computer O43 - CFD: 29/07/2011 - 18:32:50 - [11848] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\ApplicationHistory O43 - CFD: 24/01/2009 - 23:06:34 - [40577] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\ATI O43 - CFD: 14/01/2011 - 23:56:20 - [146378] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Corel O43 - CFD: 28/08/2011 - 11:00:00 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Deployment O43 - CFD: 23/02/2010 - 22:22:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Emurasoft O43 - CFD: 26/09/2010 - 18:30:22 - [205220] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\GHISLER O43 - CFD: 1/06/2011 - 21:04:02 - [534573029] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Google O43 - CFD: 24/01/2009 - 23:06:32 - [229816] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Identities O43 - CFD: 13/03/2011 - 16:21:28 - [604778107] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft O43 - CFD: 20/02/2010 - 11:24:54 - [4447] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft Corporation O43 - CFD: 25/06/2008 - 10:43:08 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft Help O43 - CFD: 6/06/2011 - 18:39:38 - [301531226] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Mozilla O43 - CFD: 28/06/2010 - 22:00:40 - [637952] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Nokia O43 - CFD: 28/06/2010 - 21:56:16 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\NokiaAccount O43 - CFD: 24/04/2010 - 21:03:38 - [98304] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\NOS O43 - CFD: 16/04/2011 - 23:38:56 - [31114] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Pando O43 - CFD: 4/02/2010 - 23:57:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\PCHealth O43 - CFD: 25/06/2008 - 10:43:08 - [285696] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Seven Zip O43 - CFD: 15/12/2009 - 21:44:16 - [59183] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\SourceTec O43 - CFD: 4/08/2011 - 21:07:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Temp O43 - CFD: 17/06/2011 - 18:57:44 - [177] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\WDSetup O43 - CFD: 23/04/2011 - 9:05:04 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Yahoo! ~ Scan Program Folder in 00mn 04s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 1/09/2011 - 17:12:48 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.493625AD9FE14BECBEA24034A24A05CB] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.B099B38B0FEBD7E0E53787475DD2BFC7] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.9B9C37AE1B7B5E3E334F8D68267643E1] - 1/09/2011 - 17:15:08 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1828295] O44 - LFC:[MD5.D4B38373FC06C070AA7D6AC5E1232FC2] - 1/09/2011 - 17:31:32 ---A- . (...) -- C:\TDSSKiller.2.5.17.0_01.09.2011_18.23.49_log.txt [56134] O44 - LFC:[MD5.43A22045C0D52393815A2A26858E05F8] - 1/09/2011 - 17:32:50 ---A- . (...) -- C:\WINDOWS\wincmd.ini [4718] O44 - LFC:[MD5.09DA793B0CC13C79FB661D5FE871D6D7] - 1/09/2011 - 17:38:50 ---A- . (...) -- C:\WINDOWS\setupapi.log [990854] O44 - LFC:[MD5.A4BB36C94A6F6F780D6D1C10F6B96E5E] - 1/09/2011 - 6:37:03 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32088] O44 - LFC:[MD5.55328E4D5D0A45D78F7CF071F490405C] - 28/08/2011 - 9:39:59 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [1158] O44 - LFC:[MD5.CAF61893287EC7417CA4D2D1B8FA1252] - 28/08/2011 - 9:49:35 ---A- . (...) -- C:\WINDOWS\msmqinst.log [480550] O44 - LFC:[MD5.CCA99A05B4B5D78BB54E7F327B1389FA] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1492862] O44 - LFC:[MD5.F14E07133B141EF16653A152D0C63770] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\KB2562937.log [12419] O44 - LFC:[MD5.E7B491F7B7F5AD245138E47121B62BB2] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [104212] O44 - LFC:[MD5.C712C8E03EEFDE8FFA7D5770965DE3F9] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\comsetup.log [511643] O44 - LFC:[MD5.79F9B1B2D64242515616C5E81E4B15A4] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\iis6.log [1714486] O44 - LFC:[MD5.B545F3BD1154D2ACBCDC697A540EDCB0] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\imsins.log [1374] O44 - LFC:[MD5.EB11DAC8BBE4BF2022BBBECFF69904FC] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\msgsocm.log [75500] O44 - LFC:[MD5.A19CEE3B286D84EC2F3B33BF630F764A] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\netfxocm.log [262700] O44 - LFC:[MD5.04A8EBEF1FE5AE6FE26C450E7E6FC276] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [310103] O44 - LFC:[MD5.6A6984B80F6F7EA35950C06FB4865A97] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ocgen.log [741780] O44 - LFC:[MD5.6506C080F1C986F2D2A5D745D7DFE7F4] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ocmsn.log [83367] O44 - LFC:[MD5.2F897C74E10567D604077E638247564F] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\tabletoc.log [75574] O44 - LFC:[MD5.F3D50B06D30DD19F86E84EFA316C584E] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\tsoc.log [695496] O44 - LFC:[MD5.F1C8125909F79AC37F1DCBE518113F1D] - 30/08/2011 - 20:05:42 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [366994] O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 30/08/2011 - 17:44:39 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272] O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 30/08/2011 - 17:44:34 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O44 - LFC:[MD5.A8E0AB52299BC87F1EB080E2A3FC9BBE] - 30/08/2011 - 17:25:54 ---A- . (.The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS - OpenSSL Shared Library.) -- C:\WINDOWS\system32\ssleay32_0_9_8g.dll [200704] O44 - LFC:[MD5.4A472B9676039C11A2A8DB93FD59B2CF] - 30/08/2011 - 17:25:32 ---A- . (.The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS - OpenSSL Shared Library.) -- C:\WINDOWS\system32\libeay32_0_9_8g.dll [1044480] O44 - LFC:[MD5.B412A5393E9BF796D97B12E0BDD1E12A] - 28/08/2011 - 13:23:57 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [404640] O44 - LFC:[MD5.8252837BEDD4BDCA6C6F3EB53A716EB6] - 27/08/2011 - 13:29:36 ---A- . (...) -- C:\WINDOWS\KB2570791.log [3730] O44 - LFC:[MD5.0D01E3A81F22ED04F96D72A1D3F3E559] - 27/08/2011 - 13:29:36 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [235670] O44 - LFC:[MD5.CB17A47D090938A02DACB066D6D5A124] - 25/08/2011 - 16:58:10 ---A- . (...) -- C:\WINDOWS\system32\rp_rules.dat [44] O44 - LFC:[MD5.8A3D5B46FF8C9CED46304F1EBB5F9AFE] - 25/08/2011 - 16:58:10 ---A- . (...) -- C:\WINDOWS\system32\rp_stats.dat [64] O44 - LFC:[MD5.29112307112535F9CE13D924B00994E6] - 10/08/2011 - 20:09:11 ---A- . (...) -- C:\WINDOWS\KB2567680.log [15639] O44 - LFC:[MD5.9A465F3F504A35BECD25CAF07F73CF05] - 10/08/2011 - 20:09:11 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374] O44 - LFC:[MD5.395476DBD0CD22A30CAF8A362897E860] - 10/08/2011 - 20:09:10 ---A- . (...) -- C:\WINDOWS\updspapi.log [185275] O44 - LFC:[MD5.70718448639322BC2ACE5A42B0A46FC4] - 10/08/2011 - 20:08:33 ---A- . (...) -- C:\WINDOWS\KB2536276-v2.log [11055] O44 - LFC:[MD5.D957CCDC044932A3993E89D02BF627A6] - 10/08/2011 - 20:07:50 ---A- . (...) -- C:\WINDOWS\KB2570222.log [10922] O44 - LFC:[MD5.7106FD5F0A7BFEF64EA395DC93C6CC81] - 10/08/2011 - 20:04:24 ---A- . (...) -- C:\WINDOWS\KB2559049-IE8.log [14906] O44 - LFC:[MD5.BDB7D76531D5BC9E05EACD04ED28813E] - 10/08/2011 - 20:03:56 ---A- . (...) -- C:\WINDOWS\KB2566454.log [6931] ~ Scan Files in 00mn 00s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "D:\Rmcob700\RUNCOBOL.EXE" [Enabled] .(.Liant Software Corporation - RM/COBOL Runtime Executable.) -- D:\Rmcob700\RUNCOBOL.exe O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [Enabled] .(.Adobe Systems Incorporated.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe" [Enabled] .(...) -- C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\RayV\RayV\RayV.exe" [Enabled] .(.RayV - RayV.) -- C:\Program Files\RayV\RayV\RayV.exe O47 - AAKE:Key Export SP - "C:\Program Files\RayV\RayV\RayV.dll" [Enabled] .(.RayV - RayV Viewer SDK.) -- C:\Program Files\RayV\RayV\RayV.dll O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\bittorrent.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O47 - AAKE:Key Export SP - "C:\Program Files\Pando Networks\Pando\Pando.exe" [Enabled] .(.Pando Networks - pando.) -- C:\Program Files\Pando Networks\Pando\Pando.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe" [Enabled] .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\WINDOWS\system32\Drivers\mfefirek.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\WINDOWS\system32\Drivers\mfehidk.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) ~ Scan CSB in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll O52 - TDSD: \Drivers32\"msacm.dvacm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm" . (...) -- (.not file.) O52 - TDSD: \Drivers32\"msacm.MPEGacm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm" . (...) -- (.not file.) O52 - TDSD: \Drivers32\"msacm.ulmp3acm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.8.5 Codec" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm"="Ulead ACM MP3 Codec" . (...) -- (.not file.) ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ Scan Keys in 00mn 00s

Merci pour votre réponse Voici déjà le rapport TDSSkiller: 2011/09/01 18:23:49.0703 3224 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57 2011/09/01 18:23:50.0609 3224 ================================================================================ 2011/09/01 18:23:50.0609 3224 SystemInfo: 2011/09/01 18:23:50.0609 3224 2011/09/01 18:23:50.0609 3224 OS Version: 5.1.2600 ServicePack: 3.0 2011/09/01 18:23:50.0609 3224 Product type: Workstation 2011/09/01 18:23:50.0609 3224 ComputerName: POR-MVH 2011/09/01 18:23:50.0609 3224 UserName: mvh 2011/09/01 18:23:50.0609 3224 Windows directory: C:\WINDOWS 2011/09/01 18:23:50.0609 3224 System windows directory: C:\WINDOWS 2011/09/01 18:23:50.0609 3224 Processor architecture: Intel x86 2011/09/01 18:23:50.0609 3224 Number of processors: 2 2011/09/01 18:23:50.0609 3224 Page size: 0x1000 2011/09/01 18:23:50.0609 3224 Boot type: Normal boot 2011/09/01 18:23:50.0609 3224 ================================================================================ 2011/09/01 18:23:51.0171 3224 Initialize success 2011/09/01 18:23:58.0531 1456 ================================================================================ 2011/09/01 18:23:58.0531 1456 Scan started 2011/09/01 18:23:58.0531 1456 Mode: Manual; 2011/09/01 18:23:58.0531 1456 ================================================================================ 2011/09/01 18:23:59.0015 1456 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 2011/09/01 18:23:59.0046 1456 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2011/09/01 18:23:59.0078 1456 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 2011/09/01 18:23:59.0140 1456 ACSSCR (b6a0f723a54884e77fce0f69083f90c9) C:\WINDOWS\system32\DRIVERS\a38usb.sys 2011/09/01 18:23:59.0171 1456 adfs (73685e15ef8b0bd9c30f1af413f13d49) C:\WINDOWS\system32\drivers\adfs.sys 2011/09/01 18:23:59.0265 1456 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys 2011/09/01 18:23:59.0312 1456 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2011/09/01 18:23:59.0343 1456 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys 2011/09/01 18:23:59.0390 1456 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys 2011/09/01 18:23:59.0406 1456 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 2011/09/01 18:23:59.0437 1456 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys 2011/09/01 18:23:59.0468 1456 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys 2011/09/01 18:23:59.0500 1456 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys 2011/09/01 18:23:59.0546 1456 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 2011/09/01 18:23:59.0562 1456 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys 2011/09/01 18:23:59.0578 1456 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys 2011/09/01 18:23:59.0609 1456 AmdK7 (d3dabc57be6d456dfd4bc026cfa582ff) C:\WINDOWS\system32\DRIVERS\amdk7.sys 2011/09/01 18:23:59.0640 1456 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys 2011/09/01 18:23:59.0687 1456 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 2011/09/01 18:23:59.0687 1456 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys 2011/09/01 18:23:59.0703 1456 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys 2011/09/01 18:23:59.0718 1456 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys 2011/09/01 18:23:59.0828 1456 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2011/09/01 18:23:59.0843 1456 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2011/09/01 18:23:59.0984 1456 ati2mtag (a4d1c3cd20c8c595af1817bb5352ecd6) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 2011/09/01 18:24:00.0046 1456 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2011/09/01 18:24:00.0078 1456 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2011/09/01 18:24:00.0093 1456 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2011/09/01 18:24:00.0156 1456 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys 2011/09/01 18:24:00.0187 1456 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys 2011/09/01 18:24:00.0234 1456 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys 2011/09/01 18:24:00.0265 1456 BTHPORT (ef26202fee56f7607c6b794059df347a) C:\WINDOWS\system32\Drivers\BTHport.sys 2011/09/01 18:24:00.0312 1456 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys 2011/09/01 18:24:00.0343 1456 CBDisk (93c568904e116607df2389907a9d8899) C:\WINDOWS\system32\drivers\CBDisk.sys 2011/09/01 18:24:00.0437 1456 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 2011/09/01 18:24:00.0453 1456 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2011/09/01 18:24:00.0484 1456 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2011/09/01 18:24:00.0515 1456 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 2011/09/01 18:24:00.0531 1456 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2011/09/01 18:24:00.0578 1456 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2011/09/01 18:24:00.0609 1456 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2011/09/01 18:24:00.0656 1456 cfwids (ecaf4a51580244fef1aa32cb984f13bf) C:\WINDOWS\system32\drivers\cfwids.sys 2011/09/01 18:24:00.0734 1456 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 2011/09/01 18:24:00.0750 1456 CmdIde (e3726ad522d0bdae090671048c991ab3) C:\WINDOWS\system32\DRIVERS\cmdide.sys 2011/09/01 18:24:00.0765 1456 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 2011/09/01 18:24:00.0796 1456 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys 2011/09/01 18:24:00.0828 1456 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 2011/09/01 18:24:00.0843 1456 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys 2011/09/01 18:24:00.0859 1456 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2011/09/01 18:24:00.0906 1456 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys 2011/09/01 18:24:00.0937 1456 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 2011/09/01 18:24:00.0953 1456 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2011/09/01 18:24:01.0000 1456 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2011/09/01 18:24:01.0031 1456 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys 2011/09/01 18:24:01.0078 1456 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2011/09/01 18:24:01.0125 1456 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2011/09/01 18:24:01.0156 1456 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 2011/09/01 18:24:01.0171 1456 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys 2011/09/01 18:24:01.0187 1456 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 2011/09/01 18:24:01.0359 1456 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2011/09/01 18:24:01.0375 1456 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 2011/09/01 18:24:01.0390 1456 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2011/09/01 18:24:01.0421 1456 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2011/09/01 18:24:01.0453 1456 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2011/09/01 18:24:01.0468 1456 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 2011/09/01 18:24:01.0515 1456 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2011/09/01 18:24:01.0578 1456 Hotkey (8b566ea71d5b76157a9cdb78f25a5731) C:\WINDOWS\system32\drivers\Hotkey.sys 2011/09/01 18:24:01.0656 1456 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys 2011/09/01 18:24:01.0703 1456 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 2011/09/01 18:24:01.0734 1456 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys 2011/09/01 18:24:01.0765 1456 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys 2011/09/01 18:24:01.0812 1456 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2011/09/01 18:24:01.0859 1456 iaStor (80c633722da72e97f3f5b3b11325696d) C:\WINDOWS\system32\DRIVERS\iaStor.sys 2011/09/01 18:24:01.0890 1456 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2011/09/01 18:24:01.0921 1456 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys 2011/09/01 18:24:02.0078 1456 IntcAzAudAddService (1824c4894aa438cd06c976e44b9e7353) C:\WINDOWS\system32\drivers\RtkHDAud.sys 2011/09/01 18:24:02.0140 1456 IntelIde (4b6da2f0a4095857a9e3f3697399d575) C:\WINDOWS\system32\DRIVERS\intelide.sys 2011/09/01 18:24:02.0171 1456 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2011/09/01 18:24:02.0218 1456 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 2011/09/01 18:24:02.0250 1456 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2011/09/01 18:24:02.0265 1456 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2011/09/01 18:24:02.0296 1456 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2011/09/01 18:24:02.0312 1456 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2011/09/01 18:24:02.0328 1456 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2011/09/01 18:24:02.0359 1456 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2011/09/01 18:24:02.0453 1456 ISODrive (bf71a06ff065e3fd7e32ea67dca34885) C:\Program Files\UltraISO\drivers\ISODrive.sys 2011/09/01 18:24:02.0546 1456 JMCR (dedb6cc1b166928a8f3f68def1766db0) C:\WINDOWS\system32\DRIVERS\jmcr.sys 2011/09/01 18:24:02.0562 1456 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2011/09/01 18:24:02.0593 1456 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2011/09/01 18:24:02.0609 1456 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 2011/09/01 18:24:02.0671 1456 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys 2011/09/01 18:24:02.0750 1456 MBAMProtector (eca00eed9ab95489007b0ef84c7149de) C:\WINDOWS\system32\drivers\mbam.sys 2011/09/01 18:24:02.0984 1456 MDFSYSNT (958b893eb11586b4ed1301ba067abc94) C:\WINDOWS\system32\drivers\MDFSYSNT.sys 2011/09/01 18:24:03.0078 1456 MDPMGRNT (9f06ca581cce21fc72a946487aa243e9) C:\WINDOWS\system32\drivers\MDPMGRNT.sys 2011/09/01 18:24:03.0171 1456 mfeapfk (688b626fca708ee9eb161cad1f7363a9) C:\WINDOWS\system32\drivers\mfeapfk.sys 2011/09/01 18:24:03.0203 1456 mfeavfk (693a8d924b640223974e0a88f2baf0f4) C:\WINDOWS\system32\drivers\mfeavfk.sys 2011/09/01 18:24:03.0234 1456 mfebopk (52c40d19873528bd15823c969d3ad227) C:\WINDOWS\system32\drivers\mfebopk.sys 2011/09/01 18:24:03.0265 1456 mfefirek (e37b98d49df546f4059483d49e349a53) C:\WINDOWS\system32\drivers\mfefirek.sys 2011/09/01 18:24:03.0312 1456 mfehidk (44184f32392fa2e94d08d056ce750d56) C:\WINDOWS\system32\drivers\mfehidk.sys 2011/09/01 18:24:03.0343 1456 mfendisk (8c434d77c7a8cd97f8f4c2b0be19d541) C:\WINDOWS\system32\DRIVERS\mfendisk.sys 2011/09/01 18:24:03.0359 1456 mfendiskmp (8c434d77c7a8cd97f8f4c2b0be19d541) C:\WINDOWS\system32\DRIVERS\mfendisk.sys 2011/09/01 18:24:03.0390 1456 mferkdet (5f5313bfd1e73233885a26ab77488f6f) C:\WINDOWS\system32\drivers\mferkdet.sys 2011/09/01 18:24:03.0437 1456 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys 2011/09/01 18:24:03.0484 1456 mfetdi2k (8d1a44e1f46bcf4acfe9c701edd340e3) C:\WINDOWS\system32\drivers\mfetdi2k.sys 2011/09/01 18:24:03.0531 1456 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2011/09/01 18:24:03.0562 1456 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 2011/09/01 18:24:03.0656 1456 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2011/09/01 18:24:03.0687 1456 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2011/09/01 18:24:03.0718 1456 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2011/09/01 18:24:03.0750 1456 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys 2011/09/01 18:24:03.0765 1456 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2011/09/01 18:24:03.0828 1456 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2011/09/01 18:24:03.0875 1456 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2011/09/01 18:24:03.0921 1456 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2011/09/01 18:24:03.0953 1456 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2011/09/01 18:24:03.0984 1456 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2011/09/01 18:24:04.0000 1456 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2011/09/01 18:24:04.0031 1456 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2011/09/01 18:24:04.0093 1456 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 2011/09/01 18:24:04.0109 1456 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2011/09/01 18:24:04.0156 1456 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2011/09/01 18:24:04.0203 1456 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2011/09/01 18:24:04.0250 1456 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2011/09/01 18:24:04.0265 1456 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2011/09/01 18:24:04.0296 1456 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2011/09/01 18:24:04.0343 1456 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 2011/09/01 18:24:04.0390 1456 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2011/09/01 18:24:04.0468 1456 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2011/09/01 18:24:04.0671 1456 NETw5x32 (05743fffc2bc88cc8e426321bc6a762e) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys 2011/09/01 18:24:04.0812 1456 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 2011/09/01 18:24:04.0921 1456 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2011/09/01 18:24:04.0953 1456 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2011/09/01 18:24:05.0015 1456 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2011/09/01 18:24:05.0031 1456 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2011/09/01 18:24:05.0062 1456 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2011/09/01 18:24:05.0093 1456 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 2011/09/01 18:24:05.0125 1456 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys 2011/09/01 18:24:05.0218 1456 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2011/09/01 18:24:05.0250 1456 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 2011/09/01 18:24:05.0359 1456 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys 2011/09/01 18:24:05.0390 1456 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 2011/09/01 18:24:05.0421 1456 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 2011/09/01 18:24:05.0421 1456 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 2011/09/01 18:24:05.0531 1456 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 2011/09/01 18:24:05.0546 1456 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 2011/09/01 18:24:05.0593 1456 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2011/09/01 18:24:05.0625 1456 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2011/09/01 18:24:05.0640 1456 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2011/09/01 18:24:05.0687 1456 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys 2011/09/01 18:24:05.0718 1456 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 2011/09/01 18:24:05.0734 1456 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 2011/09/01 18:24:05.0750 1456 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 2011/09/01 18:24:05.0781 1456 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 2011/09/01 18:24:05.0812 1456 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 2011/09/01 18:24:05.0843 1456 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2011/09/01 18:24:05.0890 1456 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2011/09/01 18:24:05.0921 1456 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2011/09/01 18:24:05.0968 1456 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2011/09/01 18:24:06.0015 1456 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2011/09/01 18:24:06.0046 1456 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2011/09/01 18:24:06.0093 1456 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 2011/09/01 18:24:06.0171 1456 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 2011/09/01 18:24:06.0203 1456 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 2011/09/01 18:24:06.0250 1456 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys 2011/09/01 18:24:06.0312 1456 RTLE8023xp (c6d34a1874cd2b212dc3e788091c64b4) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 2011/09/01 18:24:06.0328 1456 S3SavageNB (0dbcc071a268e0340a2ba6bdd98bace4) C:\WINDOWS\system32\DRIVERS\s3gnbm.sys 2011/09/01 18:24:06.0359 1456 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys 2011/09/01 18:24:06.0390 1456 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2011/09/01 18:24:06.0421 1456 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys 2011/09/01 18:24:06.0578 1456 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys 2011/09/01 18:24:06.0609 1456 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys 2011/09/01 18:24:06.0656 1456 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2011/09/01 18:24:06.0687 1456 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys 2011/09/01 18:24:06.0765 1456 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2011/09/01 18:24:06.0859 1456 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 2011/09/01 18:24:06.0953 1456 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 2011/09/01 18:24:07.0000 1456 sscdbus (d6870895fe46a464a19141440eb6cc1e) C:\WINDOWS\system32\DRIVERS\sscdbus.sys 2011/09/01 18:24:07.0078 1456 sscdmdfl (0fe167362e4689b716cdc8d93adedda8) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys 2011/09/01 18:24:07.0109 1456 sscdmdm (55a15707e32b6709242ad127e62ca55a) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys 2011/09/01 18:24:07.0171 1456 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys 2011/09/01 18:24:07.0312 1456 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2011/09/01 18:24:07.0390 1456 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2011/09/01 18:24:07.0437 1456 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2011/09/01 18:24:07.0468 1456 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 2011/09/01 18:24:07.0515 1456 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 2011/09/01 18:24:07.0531 1456 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 2011/09/01 18:24:07.0562 1456 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 2011/09/01 18:24:07.0609 1456 SynTP (86692a9116559222bd2d62633ddc352d) C:\WINDOWS\system32\DRIVERS\SynTP.sys 2011/09/01 18:24:07.0656 1456 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2011/09/01 18:24:07.0703 1456 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2011/09/01 18:24:07.0765 1456 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2011/09/01 18:24:07.0781 1456 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2011/09/01 18:24:07.0828 1456 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2011/09/01 18:24:07.0875 1456 TosIde (b411668322c3bf4e690888706b999679) C:\WINDOWS\system32\DRIVERS\toside.sys 2011/09/01 18:24:07.0937 1456 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2011/09/01 18:24:07.0953 1456 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys 2011/09/01 18:24:07.0984 1456 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2011/09/01 18:24:08.0031 1456 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2011/09/01 18:24:08.0062 1456 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2011/09/01 18:24:08.0093 1456 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2011/09/01 18:24:08.0125 1456 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2011/09/01 18:24:08.0140 1456 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 2011/09/01 18:24:08.0171 1456 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 2011/09/01 18:24:08.0187 1456 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2011/09/01 18:24:08.0218 1456 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys 2011/09/01 18:24:08.0234 1456 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 2011/09/01 18:24:08.0265 1456 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 2011/09/01 18:24:08.0359 1456 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2011/09/01 18:24:08.0406 1456 Wdf01000 (60d2787958b46595d62237ed15b91e94) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 2011/09/01 18:24:08.0468 1456 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2011/09/01 18:24:08.0546 1456 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 2011/09/01 18:24:08.0578 1456 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2011/09/01 18:24:08.0609 1456 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2011/09/01 18:24:08.0625 1456 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2011/09/01 18:24:08.0687 1456 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 2011/09/01 18:24:08.0968 1456 Boot (0x1200) (f761105a5e315ed81d26a71829958f50) \Device\Harddisk0\DR0\Partition0 2011/09/01 18:24:09.0046 1456 Boot (0x1200) (9222db61d7f6b9571925c36bd095f379) \Device\Harddisk0\DR0\Partition1 2011/09/01 18:24:09.0062 1456 ================================================================================ 2011/09/01 18:24:09.0062 1456 Scan finished 2011/09/01 18:24:09.0062 1456 ================================================================================ 2011/09/01 18:24:09.0093 3720 Detected object count: 0 2011/09/01 18:24:09.0093 3720 Actual detected object count: 0

Bonjour, Voici brièvement mon problème. A des fins professionnelles je dois utiliser un lecteur de carte d'identité (Belgique). Sur 2 PC la mise à jour du software (imposé par de nouvelles carte d'identité) n'a pas posé problème sauf sur mon portable. Après de maintes recherches je trouve un soft d'aide sur le site de l'éditeur du logiciel en question. Celui-ci analyse la config et m'annonce que des fichiers sont manquants et attire mon attention sur la possible présence de malware. Je tente de lancer mon antivirus (McAfee) et là surprise: le soft se lance puis se bloque avant que le PC ne s'éteigne. Je redémarre le Portable et toute la procédure et rebelotte. J'ai tenté le soft Malware bytes: idem - blocage du pc et même antivirus qui se désactive. De plus, depuis quelques jours des maj windows refusent de s'installer. Je me dis que réellement un soucis ! J'ai lancé Hijackthis et voici le rapport qui s'en suit: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:55:06, on 31/08/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\beidservicepcsc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe C:\WINDOWS\system32\NLSSRV32.EXE C:\WINDOWS\system32\IoctlSvc.exe C:\WINDOWS\system32\PSIService.exe c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\WisLMSvc.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe D:\TClock\Tclock2_120fr\Tclock2_120fr\tclock2.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Fichiers communs\Corel\Standby\Standby.exe C:\Program Files\totalcmd\TOTALCMD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20110721222730.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: PDFXChange 4.0 IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe" O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [standby] "c:\Program Files\Fichiers communs\Corel\Standby\Standby.exe" -START O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [MacDrive 8 application] "C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe" O4 - HKLM\..\Run: [Getting started with MacDrive 8] "C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe" /auto O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe O4 - HKLM\..\Run: [beidsystemtray] C:\Program Files\Belgium Identity Card\beidsystemtray.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: TClock2.lnk = D:\TClock\Tclock2_120fr\Tclock2_120fr\tclock2.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.mypix.com/be/fr/fw_model/domain/library/aurigma/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232811232187 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232999836765 O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://ccff02.minfin.fgov.be/CCFF_Authentication/views/login/signature/capicom.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: MacDrive 8 service (MacDrive8Service) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe -- End of file - 14024 bytes Merci pour votre aide.

Bonjour, Avec Security Task Manager, j'ai découvert qu'au démarrage de mon PC il y avait un fichier inconnu qui était lancé et dont le chemin est le suivant: C:/documents and settings/all users/start menu/programs/administrative tools/recycle bin/kdja.exe Dans le doute je l'ai mis en quarantaine. Quelqu'un peut-il me dire ce que c'est et si je peut carrément le supprimer ou si au contraire il est important svp ? Dans l'attente de vos commentaires A+ stadeverois

J'ai essayé avec Combofix qui semble avoir solutionné le problème Je vous communique le rapport, merci de me dire s'il y à quelques choses d'autre à faire svp Dans l'attente de votre commentaire ComboFix 08-05-12.1 - mvh 2008-05-15 10:02:21.3 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.849 [GMT 2:00] Endroit: C:\Documents and Settings\mvh\Bureau\ComboFix.exe * Création d'un nouveau point de restauration * Resident AV is active AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\pskt.ini C:\WINDOWS\system32\bwgdwbdp.dll C:\WINDOWS\system32\ebpvsjak.dll C:\WINDOWS\system32\ghmiflmu.ini C:\WINDOWS\system32\gvknphco.ini C:\WINDOWS\system32\kajsvpbe.ini C:\WINDOWS\system32\OpYxIRqr.ini C:\WINDOWS\system32\OpYxIRqr.ini2 C:\WINDOWS\system32\rqRIxYpO.dll C:\WINDOWS\system32\umlfimhg.dll C:\WINDOWS\system32\wjtrpnps.dll C:\WINDOWS\system32\wravhmxs.dll C:\WINDOWS\system32\wwugbjqw.ini C:\WINDOWS\system32\ylmffwrl.dll . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-15 to 2008-05-15 )))))))))))))))))))))))))))))))))))) . 2008-05-15 09:50 . 2008-05-15 09:50 2,048 --a------ C:\WINDOWS\system32\ilfeyvaf.exe 2008-05-14 09:32 . 2008-05-14 09:32 2,048 --a------ C:\WINDOWS\system32\nrltteqi.exe 2008-05-14 09:18 . 2008-05-14 09:18 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb 2008-05-14 09:18 . 2008-05-14 09:18 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb 2008-05-13 16:25 . 2008-05-13 16:31 <REP> d-------- C:\WINDOWS\system32\fr 2008-05-13 16:25 . 2008-05-13 16:31 <REP> d-------- C:\WINDOWS\system32\bits 2008-05-13 16:25 . 2008-05-13 16:31 <REP> d-------- C:\WINDOWS\l2schemas 2008-05-13 16:13 . 2004-08-04 00:55 239,616 --a------ C:\WINDOWS\system32\dllcache\wstrendr.ax 2008-05-13 16:13 . 2004-08-04 00:55 164,352 --a------ C:\WINDOWS\system32\dllcache\wstpager.ax 2008-05-13 16:11 . 2007-10-25 18:43 8,516,608 --a------ C:\WINDOWS\system32\dllcache\shell32.dll 2008-05-13 16:00 . 2006-10-19 14:33 86,728 --a------ C:\WINDOWS\system32\msxml6r.dll 2008-05-13 15:37 . 2008-05-13 16:27 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak 2008-05-13 09:28 . 2008-05-13 09:28 2,048 --a------ C:\WINDOWS\system32\qpfftcmh.exe 2008-05-09 14:13 . 2008-05-09 14:13 <REP> d-------- C:\WINDOWS\ERUNT 2008-05-08 15:31 . 2008-05-08 15:31 2,048 --a------ C:\WINDOWS\system32\rexmavbd.exe 2008-05-08 15:29 . 2008-05-15 09:44 109,807 --a------ C:\WINDOWS\BMc3f36de5.xml 2008-05-08 15:04 . 2008-05-08 15:08 <REP> d-------- C:\Program Files\Champfoot 2008-04-30 12:14 . 2008-04-30 12:14 <REP> d-------- C:\Program Files\AceFixtures for EURO 2008 . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-14 13:44 --------- d-----w C:\Program Files\EmEditor 2008-05-14 12:48 2,516 --sha-w C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys 2008-05-14 11:33 --------- d-----w C:\Program Files\eMule 2008-05-14 11:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-05-14 10:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-05-06 13:05 --------- d-----w C:\Documents and Settings\mvh\Application Data\Sites 2008-05-06 13:05 --------- d-----w C:\Documents and Settings\mvh\Application Data\Classes de site 2008-05-05 07:10 --------- d-----w C:\Program Files\McAfee 2008-04-14 11:33 --------- d-----w C:\Documents and Settings\mvh\Application Data\Bitstream 2008-04-02 08:11 --------- d-----w C:\Program Files\Lavasoft 2008-04-02 08:11 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-04-02 08:07 --------- d-----w C:\Documents and Settings\mvh\Application Data\Grisoft 2008-04-02 08:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft 2008-03-31 12:00 --------- d-----w C:\Program Files\jv16 PowerTools 2008 2008-03-31 11:07 --------- d-----w C:\Program Files\Trend Micro 2008-03-31 10:03 --------- d-----w C:\Program Files\Common Files 2008-03-27 13:18 --------- d-----w C:\Program Files\DelFax 2008-03-18 10:25 --------- d-----w C:\Program Files\Diskeeper Corporation 2008-03-18 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation 2008-03-05 12:16 161 ----a-w C:\Delme.bat 2008-02-11 14:27 88 --sh--r C:\Documents and Settings\All Users\Application Data\E6A794E7CA.sys 2005-01-17 10:42 18 -c--a-w C:\Documents and Settings\mvh\Application Data\FileMark16.dll 2004-09-14 11:41 256 ---ha-w C:\Documents and Settings\All Users\Application Data\SYSREF87.BIN 2006-01-23 08:12 104 -csh--r C:\WINDOWS\system32\CAE794A7E6.sys 2006-09-19 09:26 168 -csh--r C:\WINDOWS\system32\E6A794E7CA.sys 2008-02-05 13:38 7,520 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SkinClock"="C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2008-02-20 15:29 524800] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:54 15360] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-11-21 11:41 5724184] "Art Plus Wallpaper Calendar"="C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe" [2004-11-23 12:42 2113536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GSICONEXE"="GSICON.EXE" [2001-10-10 10:26 75776 C:\WINDOWS\system32\gsicon.exe] "DSLAGENTEXE"="dslagent.exe" [2001-10-02 09:42 16384 C:\WINDOWS\system32\dslagent.exe] "WFXSwtch"="C:\PROGRA~1\DelFax\WFXSWTCH.exe" [2001-09-11 11:06 27648] "WinFaxAppPortStarter"="wfxsnt40.exe" [2001-09-28 13:39 45568 C:\WINDOWS\system32\WFXSNT40.EXE] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 11:35 94208] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 11:32 77824] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 11:36 114688] "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 20:54 623992] "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 23:33 582992] "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 01:52 849280] "QuickTime Task"="C:\Program Files\QuickStarTime\qttask.exe" [2006-05-29 13:08 282624] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:54 15360] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMMyPictures"= 0 (0x0) "NoToolbarCustomize"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{A213B520-C6C2-11d0-AF9D-008029E1027E}"= C:\Program Files\DelFax\WfxSeh32.Dll [1998-07-27 08:54 38400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="C:\\WINDOWS\\system32\\logonui.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnljhhf] nnnljhhf.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.ACDV"= ACDV.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\WINDOWS\\System32\\mmc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Rmcob700\\RUNCOBOL.EXE"= "C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "139:TCP"= 139:TCP:@xpsp2res.dll,-22004 "445:TCP"= 445:TCP:@xpsp2res.dll,-22005 "137:UDP"= 137:UDP:@xpsp2res.dll,-22001 "138:UDP"= 138:UDP:@xpsp2res.dll,-22002 "31041:TCP"= 31041:TCP:SitekeeperRPC "31040:TCP"= 31040:TCP:PIServerRPC "31042:TCP"= 31042:TCP:SKAgentRPC "4500:UDP"= 4500:UDP:SkIPSec4500 "500:UDP"= 500:UDP:SkIPSec500 "1434:UDP"= 1434:UDP:SitekeeperSQL "135:TCP"= 135:TCP:DiskeeperDCOM "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings] "RemoteAddresses"= * "Enabled"= 1 (0x1) R2 ADSLAutoconnect;ADSLAutoconnect;"C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z [] R2 PSI_SVC_2;Protexis Licensing V2;"c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe" [2007-07-24 12:15] R2 wfxsvc;DelrinaFax PRO;C:\WINDOWS\system32\WFXSVC.EXE [2000-05-15 16:37] S1 bcbus;BestCrypt bus driver;C:\WINDOWS\system32\DRIVERS\bcbus.sys [] S2 gafwload;Eicon Networks USB ADSL Loader;C:\WINDOWS\system32\DRIVERS\gafwload.sys [2001-09-28 12:07] S3 SQTECH9150;Mini Cam;C:\WINDOWS\system32\Drivers\Capt9150.sys [2003-07-17 20:44] . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2007-01-04 08:35:41 C:\WINDOWS\Tasks\McDefragTask.job" - C:\WINDOWS\system32\defrag.exe "2007-01-04 08:35:40 C:\WINDOWS\Tasks\McQcTask.job" - c:\program files\mcafee\mqc\QcConsol.exe.4158 0 "2004-11-10 12:39:35 C:\WINDOWS\Tasks\RegistryMedicAuotScan.job" - C:\Program Files\Registry Medic\RegMedical.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-15 10:07:32 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . --------------------- DLLs a charg‚ sous des processus courants --------------------- PROCESS: C:\WINDOWS\explorer.exe -> C:\Program Files\Atomic Alarm Clock\Clock.dll . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\Crypserv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe C:\PROGRA~1\FICHIE~1\McAfee\McProxy\McProxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe C:\Program Files\McAfee\MPF\MpfSrv.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\DelFax\WFXMOD32.EXE C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\igfxsrvc.exe . ************************************************************************** . Temps d'accomplissement: 2008-05-15 10:21:33 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-15 08:21:20 Pre-Run: 2,746,372,096 octets libres Post-Run: 2,662,748,160 octets libres 199 --- E O F --- 2008-05-14 10:05:37 Et voici le rapport HijackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:36:06, on 15/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\PSIService.exe c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\WFXSVC.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\DelFax\WFXMOD32.EXE C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\PROGRA~1\DelFax\WFXSWTCH.exe C:\WINDOWS\system32\wfxsnt40.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\QuickStarTime\qttask.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\DelFax\WFXSWTCH.exe O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickStarTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [skinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Art Plus Wallpaper Calendar] "C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe" /a O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://c:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B1518559-8E6B-488A-8D33-9DA479B2B33D}: NameServer = 195.238.2.22 195.238.2.21 O20 - Winlogon Notify: nnnljhhf - nnnljhhf.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: McAfee Desktop Firewall Service (FireSvc) - Networks Associates Technology, Inc. - (no file) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Pinnacle Systems GmbH - (no file) O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE -- End of file - 11205 bytes Dans l'attente de votre aimable commentaire Stadeverois

Voici le nouveau rapport. Pour info, mes fenêtres intempestives s'ouvrent toujours. Dans l'attente de votre commentaire A+ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:17:54, on 13/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\PSIService.exe c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\WFXSVC.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\DelFax\WFXMOD32.EXE C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\PROGRA~1\DelFax\WFXSWTCH.exe C:\WINDOWS\system32\wfxsnt40.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\DelFax\WFXSWTCH.exe O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickStarTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [bMc3f36de5] Rundll32.exe "C:\WINDOWS\system32\bwgdwbdp.dll",s O4 - HKLM\..\Run: [c0c05e79] rundll32.exe "C:\WINDOWS\system32\wqjbguww.dll",b O4 - HKCU\..\Run: [skinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Art Plus Wallpaper Calendar] "C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe" /a O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://c:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B1518559-8E6B-488A-8D33-9DA479B2B33D}: NameServer = 195.238.2.22 195.238.2.21 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: McAfee Desktop Firewall Service (FireSvc) - Networks Associates Technology, Inc. - (no file) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Pinnacle Systems GmbH - (no file) O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE -- End of file - 10906 bytes

Merci pour votre réponse. Voici le rapport SDFix. Dans l'attente de vos commentaires. SDFix: Version 1.181 Run by mvh on ven. 09/05/2008 at 14:21 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\mvh\Bureau\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting Checking Files : Trojan Files Found: C:\WINDOWS\17PHolmes1535.exe - Deleted C:\WINDOWS\mrofinu1535.exe - Deleted C:\WINDOWS\mrofinu1535.exe.tmp - Deleted C:\WINDOWS\system32\drivers\hosts - Deleted Removing Temp Files ADS Check : Final Check : catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-09 14:37:57 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\obvious] "ServiceBinary"="C:\WINDOWS\system32\drivers\OBVIOUS.SYS" "Group"="SCSI Miniport" "ImagePath"=str(2):"system32\DRIVERS\obvious.sys" "ErrorControl"=dword:00000001 "Start"=dword:00000001 "Type"=dword:00000001 "Tag"=dword:00000021 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\obvious\Enum] "Count"=dword:00000000 "NextInstance"=dword:00000000 "INITSTARTFAILED"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\obvious\parameters] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\obvious\security] "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\obvious] "ServiceBinary"="C:\WINDOWS\system32\drivers\OBVIOUS.SYS" "Group"="SCSI Miniport" "ImagePath"=str(2):"system32\DRIVERS\obvious.sys" "ErrorControl"=dword:00000001 "Start"=dword:00000001 "Type"=dword:00000001 "Tag"=dword:00000021 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\obvious\Enum] "Count"=dword:00000000 "NextInstance"=dword:00000000 "INITSTARTFAILED"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\obvious\parameters] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\obvious\security] "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,.. scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System] "OODEFRAG10.00.00.01WORKSTATION"="E920F3FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9 E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933FEBC9E127BECC74C8EDD5E5BE2F6E667FEBC9E 127BECC74CA11D2AA903C941616B618AD7288927942061937FCBA0699F57D1B03F70E5552311FC240 930440821C125CBBD66AE23DC26804556321651CBEE38D5A1CA7D9C1FB589AA0B9C178ECC4CE06376 37F42AB9CD986B2B9242AA650ABC2DCF1F161DB5BD5E88EFA151C23F9E02A49C6A0DC4AD2D8A8892D 018B9B7624D85F603057A1B279DFB1FADC9C4359AF8DEEF64EFB2222DB89544E3507BF2885F276727 618BE9C5EB3622449868D27A3BCDD29A5662E10D08FD1B59659CAB5DEAC8174C88DC1E42705DA5799 BB69C4BC4264C1ABDFB1D5D64A29852167FD91969999DC5992D1B97D88C7D79F26DFE6C100E8701E9 D7E4043DD7DF00653BDA465B37B87E7A6F2496D4D01E8184F9C61522A1D3036003323B8363B82E9C9 B6F43C43A4973504D64619A2C22E47A04A7CB7E6DA267E9C0DF10AD048F38431D3A432EAAD3368920 687161944708BF6237EDAE778B0917052FE538E7738C2CF2C44CA18482EAD5782291E6F46F6687A2E FAC41364958387A4070A03419B0E705FB39AFB920CC2998E562EAAAA00FC584B00C4892BBD664FC9C BAE97FD7BD4EEB2EB96C2E9E273C7AEDD5B2080423B3FB3B66D76D649DF49FAFA29A572DDEFAF6925 06EBC145C0BC7D7B687526959CEB236668A9AEBD608A8C8D93EBB36D44D29BE53D03137E1D4E0249D 3445407C58852C8EFD5E1B42818E1AE4E02038736738B16D354CE63F9DD8B8FB0B8C2069D4830B33D 376E2320681BC2018EB9C23310FCA9E3E44239430F65F15DF4CC2138EF227FC3111D4107FE12BB6F8 FB6CE1554CCD38134110111537C5818B990580124AB3E7C0CFA8551DC545AB1FA05A3CC342E261E06 0F77A9E49FB2C6A7D6A4BAFB74D45304BB791D0F6CD53A71DB7D9AE7718945532C72AE010F855DD77 97217E1C72BBAF0E8268CFF16B5A37A97E720E26DC22A53D0F0E34A31490CA79D5C5550A04417597A B109468AC3C72F1C9501DBD062B087983A5B34F0D46186A958E534B4A233D5AF9D5DEC07D4C8517D8 D55A604C27B9547E88BF1303B1B32166E558DC6E04C03D58172E14332F1EAD117609E4C9E07AAEFBD DFCA17D610FEE7FC90AEDFD56C51B56484BB0045EEFBAF8BA30D301F60C5D1D64D363E43B9C143A4D 52E3ED648F442570BE958CA7313DBD3E1C6FD5DCB7A828EC6FF107F657C71495DC5713CA677A9CAA5 6FB4CAE1CA3ADB2D92612D748CF835CC020939DBAB2AFDD1C15A7F91CF437A5A54A2567EE523EDABE A1DE040E02BD2D7B6E2212C6F3D2F3449C4A3700DF95A5829FDF9B6E22071061BA50D0DB6408EA189 6AB07811CE6BA4F23FD1AE6597803" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\Canon iR1600-2000 PCL6] "ChangeID"=dword:001fafb1 "Attributes"=dword:00000a00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" "DeviceNotSelectedTimeout"="15" "GDIProcessHandleQuota"=dword:00002710 "Spooler"="yes" "swapdisk"="" "TransmissionRetryTimeout"="90" "USERProcessHandleQuota"=dword:00002710 scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\WINDOWS\\System32\\mmc.exe"="C:\\WINDOWS\\System32\\mmc.exe:*:Enabled:MicrosoftManagementConsole" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\\Rmcob700\\RUNCOBOL.EXE"="C:\\Rmcob700\\RUNCOBOL.EXE:*:Enabled:RM/COBOL Runtime Executable" "C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : File Backups: - C:\DOCUME~1\mvh\Bureau\SDFix\backups\backups.zip Files with Hidden Attributes : Fri 17 Dec 2004 56 A.SH. --- "C:\redir.sys" Fri 13 Jan 2006 25 ...H. --- "C:\WINDOWS\sysmf4.dll" Sun 23 May 2010 1,537 A.SH. --- "C:\WINDOWS\page files\maxmeg.sys" Mon 23 Jan 2006 104 ..SHR --- "C:\WINDOWS\system32\CAE794A7E6.sys" Tue 19 Sep 2006 168 ..SHR --- "C:\WINDOWS\system32\E6A794E7CA.sys" Tue 5 Feb 2008 7,520 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys" Mon 16 Apr 2007 16 ...H. --- "C:\WINDOWS\system32\l8d8vc0.dll" Mon 11 Feb 2008 88 ..SHR --- "C:\Documents and Settings\All Users\Application Data\E6A794E7CA.sys" Fri 9 May 2008 2,516 A.SH. --- "C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys" Wed 8 Dec 2004 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Tue 29 Apr 2008 20,487 A.SHR --- "C:\Program Files\McAfee\MQC\MRU.bak" Tue 29 Apr 2008 265 A.SHR --- "C:\Program Files\McAfee\MQC\qcconf.bak" Thu 7 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp" Thu 8 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT58.tmp" Sun 28 Dec 2003 866 A..H. --- "C:\Documents and Settings\All Users\Application Data\Microsoft\kbkrbMvl\WZhuyVqeslK.tmp" Tue 22 Aug 2006 195,072 ...H. --- "C:\Documents and Settings\mvh\Application Data\Microsoft\Word\~WRL3586.tmp" Tue 10 May 2005 980 A..H. --- "C:\Documents and Settings\mvh\Application Data\PACE Anti-Piracy\KkbkrbMvlC\WZhuyVqeslK.tmp" Wed 8 Dec 2004 400 A.SH. --- "C:\Documents and Settings\mvh\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak" Finished!

Bonjour, Voici le problème que j'ai: lorsque je clique sur un de mes favoris, des fenêtres intempestives s'ouvrent (fenêtres de jeu de poker ou autre et des fenêtres d'alerte du genre "your PC is infected..." où l'on me propose de télécharger une solution antivirus, anti-spyware etc. Ce que je ne télécharge évidemment pas) J'ai McAfee VirusScan Plus à jour ainsi que AVG anti-spyware que je lance régulièrement. Ci-dessous le rapport Hi-jack que j'ai fait ce matin. Merci de donner vos solutions. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:58:01, on 9/05/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\PSIService.exe c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\WFXSVC.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\DelFax\WFXMOD32.EXE C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\PROGRA~1\DelFax\WFXSWTCH.exe C:\WINDOWS\system32\wfxsnt40.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\DelFax\WFXSWTCH.exe O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickStarTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [c0c05e79] rundll32.exe "C:\WINDOWS\system32\ochpnkvg.dll",b O4 - HKLM\..\Run: [bMc3f36de5] Rundll32.exe "C:\WINDOWS\system32\fmjtejjr.dll",s O4 - HKCU\..\Run: [skinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Art Plus Wallpaper Calendar] "C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe" /a O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://c:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B1518559-8E6B-488A-8D33-9DA479B2B33D}: NameServer = 195.238.2.22 195.238.2.21 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: McAfee Desktop Firewall Service (FireSvc) - Networks Associates Technology, Inc. - (no file) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Pinnacle Systems GmbH - (no file) O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE -- End of file - 10897 bytes

Un tout grand merci pour votre aide et vos conseils. Il n'y à plus de problèmes en effet. Ouf ! J'ai désinstallé Ad-aware et installé AVG Anti Spyware. Seul problème, le rapport ne se sauvegarde qu'en cas de problème grave. J'ai décoché cette option afin de générer un rapport à chaque analyse mais il était déjà trop tard pour la première analyse complète. C'est donc le second rapport que je vous poste ci-après, le reste ayant été supprimé (il n'y avait que quelques cookies sans importance). --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 14:19:53 2/04/2008 + Résultat de l'analyse: Rien à signaler. Fin du rapport

Merci pour votre réponse. J'espère que cela s'est bien passé car je n'ai pas eu le choix annoncé (1 ou 2), tout s'est passé automatiquement. Vous me direz si c'est ok. Voici le rapport Combofix: ComboFix 08-03-30.3 - mvh 2008-04-01 14:44:56.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1032 [GMT 2:00] Endroit: C:\Documents and Settings\mvh\Bureau\ComboFix.exe Command switches used :: D:\TftWeb\ComboFix\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! FILE :: C:\WINDOWS\b153.exe C:\WINDOWS\b155.exe C:\WINDOWS\system32\cfaec_z.ocx C:\WINDOWS\system32\dceaf6_z.dll C:\WINDOWS\system32\efmuhnnf.ini C:\WINDOWS\system32\gtgeswhj.dll C:\WINDOWS\system32\ioidwypt.ini C:\WINDOWS\system32\ln5fhun.tgz C:\WINDOWS\system32\tmp.reg . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\b153.exe C:\WINDOWS\b155.exe C:\WINDOWS\system32\cfaec_z.ocx C:\WINDOWS\system32\dceaf6_z.dll C:\WINDOWS\system32\efmuhnnf.ini C:\WINDOWS\system32\gtgeswhj.dll C:\WINDOWS\system32\ioidwypt.ini C:\WINDOWS\system32\ln5fhun.tgz C:\WINDOWS\system32\prsgrc.dll C:\WINDOWS\system32\ssprs.dll C:\WINDOWS\system32\tmp.reg . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-01 to 2008-04-01 )))))))))))))))))))))))))))))))))))) . 2008-03-31 13:07 . 2008-03-31 13:07 <REP> d-------- C:\Program Files\Trend Micro 2008-03-31 12:03 . 2008-03-31 12:03 2,015 -r-h----- C:\WINDOWS\system32\drivers\hosts 2008-03-31 10:59 . 2008-03-31 10:59 <REP> d-------- C:\WINDOWS\system32\bfubackups 2008-03-18 12:53 . 2008-03-18 12:53 <REP> d--hs---- C:\Diskeeper 2008-03-18 12:25 . 2008-03-18 12:25 <REP> d-------- C:\Program Files\Diskeeper Corporation 2008-03-18 12:25 . 2008-03-18 12:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation 2008-03-12 15:07 . 2008-03-12 15:07 <REP> d-------- C:\Documents and Settings\mvh\Application Data\scriptocean 2008-03-06 15:16 . 2008-03-31 14:00 <REP> d-------- C:\Program Files\jv16 PowerTools 2008 2008-03-04 15:27 . 2008-03-05 14:17 <REP> d-------- C:\Program Files\TClockEx . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-01 12:23 2,516 --sha-w C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys 2008-03-31 10:03 --------- d-----w C:\Program Files\Common Files 2008-03-28 13:32 --------- d-----w C:\Program Files\EmEditor 2008-03-27 13:18 --------- d-----w C:\Program Files\DelFax 2008-03-25 10:36 --------- d-----w C:\Documents and Settings\mvh\Application Data\Sites 2008-03-25 10:36 --------- d-----w C:\Documents and Settings\mvh\Application Data\Classes de site 2008-03-12 08:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-03-11 15:51 --------- d-----w C:\Program Files\SWiSH Max2 2008-03-07 12:19 --------- d-----w C:\Program Files\Lavasoft 2008-03-07 12:18 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-03-07 12:04 --------- d-----w C:\Program Files\UltraISO 2008-03-07 12:04 --------- d-----w C:\Program Files\Fichiers communs\EZB Systems 2008-03-05 12:27 --------- d-----w C:\Program Files\Totalcmd 2008-03-05 12:16 161 ----a-w C:\Delme.bat 2008-03-04 13:45 --------- d-----w C:\Program Files\Atomic Alarm Clock 2008-02-27 12:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-02-21 11:06 --------- d-----w C:\Program Files\eMule 2008-02-21 08:10 --------- d-----w C:\Program Files\McAfee 2008-02-20 15:58 --------- d-----w C:\Program Files\Corel 2008-02-20 12:50 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-19 11:26 --------- d-----w C:\Documents and Settings\mvh\Application Data\Desktop Calendar 2008-02-18 08:18 --------- d-----w C:\Program Files\Microsoft IntelliPoint 2008-02-14 08:50 23,600 ----a-w C:\WINDOWS\system32\drivers\TVICHW32.SYS 2008-02-14 08:38 --------- d-----w C:\Program Files\Lavalys 2008-02-13 12:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Cavomatic 2008-02-13 12:47 --------- d-----w C:\Documents and Settings\mvh\Application Data\Jeroboam 2008-02-12 12:04 --------- d-----w C:\Documents and Settings\mvh\Application Data\MiK 2008-02-12 11:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\MiK 2008-02-11 14:27 88 --sh--r C:\Documents and Settings\All Users\Application Data\E6A794E7CA.sys 2008-02-05 15:04 --------- d-----w C:\Program Files\EuroThink 2008-02-05 12:18 --------- d-----w C:\Program Files\Fichiers communs\Borland Shared 2008-02-05 11:33 --------- d-----w C:\Program Files\ArtIcons Pro 2008-02-04 14:04 --------- d-----w C:\Program Files\Fichiers communs\ACD Systems 2008-02-04 14:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems 2008-01-07 13:48 39,424 ----a-w C:\WINDOWS\zipinst.exe 2005-01-17 10:42 18 -c--a-w C:\Documents and Settings\mvh\Application Data\FileMark16.dll 2004-09-14 11:41 256 ---ha-w C:\Documents and Settings\All Users\Application Data\SYSREF87.BIN 2006-01-23 08:12 104 -csh--r C:\WINDOWS\system32\CAE794A7E6.sys 2006-09-19 09:26 168 -csh--r C:\WINDOWS\system32\E6A794E7CA.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{326012CB-D3FF-4b39-B052-6F5CE6FBB59F}] 2006-02-28 17:23 544768 --a--c--- C:\PROGRA~1\SOFTOM~1\TOOLBA~1\INSTAL~1\{C49DD~1\0\STADE_~1.DLL [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SkinClock"="C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2008-02-20 15:29 524800] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:54 15360] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-11-21 11:41 5724184] "Art Plus Wallpaper Calendar"="C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe" [2004-11-23 12:42 2113536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GSICONEXE"="GSICON.EXE" [2001-10-10 10:26 75776 C:\WINDOWS\system32\gsicon.exe] "DSLAGENTEXE"="dslagent.exe" [2001-10-02 09:42 16384 C:\WINDOWS\system32\dslagent.exe] "WFXSwtch"="C:\PROGRA~1\DelFax\WFXSWTCH.exe" [2001-09-11 11:06 27648] "WinFaxAppPortStarter"="wfxsnt40.exe" [2001-09-28 13:39 45568 C:\WINDOWS\system32\WFXSNT40.EXE] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 11:35 94208] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 11:32 77824] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 11:36 114688] "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 20:54 623992] "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 23:33 582992] "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 01:52 849280] "QuickTime Task"="C:\Program Files\QuickStarTime\qttask.exe" [2006-05-29 13:08 282624] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:54 15360] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMMyPictures"= 0 (0x0) "NoToolbarCustomize"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{A213B520-C6C2-11d0-AF9D-008029E1027E}"= C:\Program Files\DelFax\WfxSeh32.Dll [1998-07-27 08:54 38400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="C:\\WINDOWS\\system32\\logonui.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\WINDOWS\\System32\\mmc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "139:TCP"= 139:TCP:@xpsp2res.dll,-22004 "445:TCP"= 445:TCP:@xpsp2res.dll,-22005 "137:UDP"= 137:UDP:@xpsp2res.dll,-22001 "138:UDP"= 138:UDP:@xpsp2res.dll,-22002 "31041:TCP"= 31041:TCP:SitekeeperRPC "31040:TCP"= 31040:TCP:PIServerRPC "31042:TCP"= 31042:TCP:SKAgentRPC "4500:UDP"= 4500:UDP:SkIPSec4500 "500:UDP"= 500:UDP:SkIPSec500 "1434:UDP"= 1434:UDP:SitekeeperSQL "135:TCP"= 135:TCP:DiskeeperDCOM "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings] "RemoteAddresses"= * "Enabled"= 1 (0x1) R2 ADSLAutoconnect;ADSLAutoconnect;"C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z [] R2 PSI_SVC_2;Protexis Licensing V2;"c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe" [2007-07-24 12:15] R2 wfxsvc;DelrinaFax PRO;C:\WINDOWS\system32\WFXSVC.EXE [2000-05-15 16:37] S1 bcbus;BestCrypt bus driver;C:\WINDOWS\system32\DRIVERS\bcbus.sys [] S2 gafwload;Eicon Networks USB ADSL Loader;C:\WINDOWS\system32\DRIVERS\gafwload.sys [2001-09-28 12:07] S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2007-10-17 01:00] S3 SQTECH9150;Mini Cam;C:\WINDOWS\system32\Drivers\Capt9150.sys [2003-07-17 20:44] . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2007-01-04 08:35:41 C:\WINDOWS\Tasks\McDefragTask.job" - C:\WINDOWS\system32\defrag.exe "2007-01-04 08:35:40 C:\WINDOWS\Tasks\McQcTask.job" - c:\program files\mcafee\mqc\QcConsol.exe.4158 0 "2004-11-10 12:39:35 C:\WINDOWS\Tasks\RegistryMedicAuotScan.job" - C:\Program Files\Registry Medic\RegMedical.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-01 14:48:18 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt" . --------------------- DLLs a charg‚ sous des processus courants --------------------- PROCESS: C:\WINDOWS\explorer.exe -> C:\Program Files\Atomic Alarm Clock\Clock.dll . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\DelFax\WFXMOD32.EXE C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\McAfee\MSC\mcuimgr.exe . ************************************************************************** . Temps d'accomplissement: 2008-04-01 14:53:56 - machine was rebooted ComboFix-quarantined-files.txt 2008-04-01 12:53:51 Pre-Run: 4,311,773,184 octets libres Post-Run: 4,285,411,328 octets libres . 2008-03-12 08:25:07 --- E O F --- Et voici le rapport hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:59:32, on 1/04/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\PSIService.exe c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\WFXSVC.EXE C:\Program Files\DelFax\WFXMOD32.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\PROGRA~1\DelFax\WFXSWTCH.exe C:\WINDOWS\system32\wfxsnt40.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\QuickStarTime\qttask.exe C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe C:\WINDOWS\explorer.exe C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: XBTP02546 - {326012CB-D3FF-4b39-B052-6F5CE6FBB59F} - C:\PROGRA~1\SOFTOM~1\TOOLBA~1\INSTAL~1\{C49DD~1\0\STADE_~1.DLL O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\DelFax\WFXSWTCH.exe O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickStarTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [skinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Art Plus Wallpaper Calendar] "C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe" /a O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://c:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B1518559-8E6B-488A-8D33-9DA479B2B33D}: NameServer = 195.238.2.22 195.238.2.21 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: McAfee Desktop Firewall Service (FireSvc) - Networks Associates Technology, Inc. - (no file) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Pinnacle Systems GmbH - (no file) O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE -- End of file - 10925 bytes

Tu n'as pas essayé Smitfraudfix ? VOIR ICI

Le voici ComboFix 08-03-30.3 - mvh 2008-03-31 13:19:00.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.762 [GMT 2:00] Endroit: C:\Documents and Settings\mvh\Bureau\ComboFix.exe * Création d'un nouveau point de restauration * Resident AV is active AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\Temporary C:\WINDOWS\BMc3f36de5.xml C:\WINDOWS\pskt.ini C:\WINDOWS\system32\awtsp.dll C:\WINDOWS\system32\dbxDgrevCheck.dll C:\WINDOWS\system32\kbwfkqgc.dll C:\WINDOWS\system32\kjjxcikk.dll C:\WINDOWS\system32\nanwtjdq.dll C:\WINDOWS\system32\nphobnkx.ini C:\WINDOWS\system32\pstwa.ini C:\WINDOWS\system32\pstwa.ini2 C:\WINDOWS\system32\qomnnli.dll C:\WINDOWS\system32\qvbyijby.dll C:\WINDOWS\system32\uqhatjao.dll C:\WINDOWS\system32\xknbohpn.dll . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-02-28 to 2008-03-31 )))))))))))))))))))))))))))))))))))) . 2008-03-31 13:07 . 2008-03-31 13:07 <REP> d-------- C:\Program Files\Trend Micro 2008-03-31 12:03 . 2008-03-31 12:12 <REP> d-------- C:\Program Files\RogueRemover PRO 2008-03-31 12:03 . 2008-03-31 12:03 2,015 -r-h----- C:\WINDOWS\system32\drivers\hosts 2008-03-31 10:59 . 2008-03-31 10:59 <REP> d-------- C:\WINDOWS\system32\bfubackups 2008-03-31 10:56 . 2008-03-31 10:56 <REP> d-------- C:\Navipromo 2008-03-28 15:33 . 2008-03-28 15:33 <REP> d-------- C:\Program Files\CCleaner 2008-03-28 13:36 . 2008-03-31 09:21 1,583,017 ---hs---- C:\WINDOWS\system32\ioidwypt.ini 2008-03-28 13:32 . 2008-03-28 13:32 54,336 --a------ C:\WINDOWS\system32\gtgeswhj.dll 2008-03-28 12:25 . 2008-03-31 11:08 2,778 --a------ C:\WINDOWS\system32\tmp.reg 2008-03-27 13:24 . 2008-03-27 13:43 1,583,175 ---hs---- C:\WINDOWS\system32\efmuhnnf.ini 2008-03-18 12:53 . 2008-03-18 12:53 <REP> d--hs---- C:\Diskeeper 2008-03-18 12:25 . 2008-03-18 12:25 <REP> d-------- C:\Program Files\Diskeeper Corporation 2008-03-18 12:25 . 2008-03-18 12:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation 2008-03-17 19:39 . 2008-03-17 17:39 66,560 --a------ C:\WINDOWS\b155.exe 2008-03-12 15:07 . 2008-03-12 15:07 <REP> d-------- C:\Documents and Settings\mvh\Application Data\scriptocean 2008-03-06 15:49 . 2008-03-06 15:49 23 --ahs---- C:\WINDOWS\system32\dceaf6_z.dll 2008-03-06 15:49 . 2008-03-06 15:49 23 --a------ C:\WINDOWS\system32\cfaec_z.ocx 2008-03-06 15:16 . 2008-03-06 15:49 <REP> d-------- C:\Program Files\jv16 PowerTools 2008 2008-03-04 15:27 . 2008-03-05 14:17 <REP> d-------- C:\Program Files\TClockEx 2008-03-02 18:26 . 2008-03-02 16:26 73,728 --a------ C:\WINDOWS\b153.exe 2008-02-27 14:46 . 2008-02-27 14:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-02-26 11:57 . 2008-02-26 12:03 197,632 --a------ C:\test_read.tmp 2008-02-19 15:49 . 2007-12-12 16:56 53,248 --a------ C:\WINDOWS\system32\CSVer.dll 2008-02-19 15:48 . 2008-02-19 15:48 <REP> d-------- C:\Intel 2008-02-19 14:30 . 2004-06-14 15:56 427,864 --a------ C:\WINDOWS\system32\XceedZip.dll 2008-02-19 13:22 . 2008-02-19 13:26 <REP> d-------- C:\Documents and Settings\mvh\Application Data\Desktop Calendar 2008-02-18 17:16 . 2006-04-01 07:33 17,408 -ra------ C:\WINDOWS\system32\EtCoInst.dll 2008-02-18 10:18 . 2008-02-18 10:18 <REP> d-------- C:\Program Files\Microsoft IntelliPoint 2008-02-14 10:50 . 2008-02-14 10:50 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS 2008-02-14 10:38 . 2008-02-14 10:38 <REP> d-------- C:\Program Files\Lavalys 2008-02-13 16:53 . 2008-02-13 16:53 133 --a------ C:\WINDOWS\lsplugin.ini 2008-02-13 14:35 . 2008-02-13 14:35 1,024 --a------ C:\WINDOWS\system32\ln5fhun.tgz 2008-02-12 14:04 . 2008-02-12 14:04 <REP> d-------- C:\Documents and Settings\mvh\Application Data\MiK 2008-02-12 13:58 . 2008-02-12 13:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MiK 2008-02-05 17:04 . 2008-02-05 17:04 <REP> d-------- C:\Program Files\EuroThink 2008-02-05 16:24 . 2008-02-13 14:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Cavomatic 2008-02-05 14:18 . 2008-02-05 14:18 <REP> d-------- C:\Program Files\Fichiers communs\Borland Shared 2008-02-05 14:18 . 2008-02-13 14:47 <REP> d-------- C:\Documents and Settings\mvh\Application Data\Jeroboam 2008-02-05 14:18 . 1999-01-20 06:01 210,032 --a------ C:\WINDOWS\system32\DBCLIENT.DLL 2008-02-05 14:18 . 1999-11-12 06:11 183,808 --a------ C:\WINDOWS\system32\BDEADMIN.CPL . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-31 10:03 --------- d-----w C:\Program Files\Common Files 2008-03-31 08:41 2,516 --sha-w C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys 2008-03-28 13:32 --------- d-----w C:\Program Files\EmEditor 2008-03-27 13:18 --------- d-----w C:\Program Files\DelFax 2008-03-25 10:36 --------- d-----w C:\Documents and Settings\mvh\Application Data\Sites 2008-03-25 10:36 --------- d-----w C:\Documents and Settings\mvh\Application Data\Classes de site 2008-03-12 08:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-03-11 15:51 --------- d-----w C:\Program Files\SWiSH Max2 2008-03-07 12:19 --------- d-----w C:\Program Files\Lavasoft 2008-03-07 12:18 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-03-07 12:04 --------- d-----w C:\Program Files\UltraISO 2008-03-07 12:04 --------- d-----w C:\Program Files\Fichiers communs\EZB Systems 2008-03-05 12:27 --------- d-----w C:\Program Files\Totalcmd 2008-03-05 12:16 161 ----a-w C:\Delme.bat 2008-03-04 13:45 --------- d-----w C:\Program Files\Atomic Alarm Clock 2008-02-21 11:06 --------- d-----w C:\Program Files\eMule 2008-02-21 08:10 --------- d-----w C:\Program Files\McAfee 2008-02-20 15:58 --------- d-----w C:\Program Files\Corel 2008-02-20 12:50 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-11 14:27 88 --sh--r C:\Documents and Settings\All Users\Application Data\E6A794E7CA.sys 2008-02-05 13:38 7,520 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys 2008-02-05 11:33 --------- d-----w C:\Program Files\ArtIcons Pro 2008-02-04 14:04 --------- d-----w C:\Program Files\Fichiers communs\ACD Systems 2008-02-04 14:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems 2008-01-28 12:15 1,773,568 ----a-w C:\WINDOWS\system32\msgdiplus.dll 2008-01-08 15:43 1,037,312 ----a-w C:\WINDOWS\system32\sqlrcmd.dll 2008-01-07 13:48 39,424 ----a-w C:\WINDOWS\zipinst.exe 2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll 2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll 2005-01-17 10:42 18 -c--a-w C:\Documents and Settings\mvh\Application Data\FileMark16.dll 2004-09-14 11:41 256 ---ha-w C:\Documents and Settings\All Users\Application Data\SYSREF87.BIN 2006-01-23 08:12 104 -csh--r C:\WINDOWS\system32\CAE794A7E6.sys 2006-09-19 09:26 168 -csh--r C:\WINDOWS\system32\E6A794E7CA.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2B0B59B4-55A3-4737-9FD5-B93C6430BF75}] 2008-03-28 13:32 54336 --a------ C:\WINDOWS\system32\gtgeswhj.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{326012CB-D3FF-4b39-B052-6F5CE6FBB59F}] 2006-02-28 17:23 544768 --a--c--- C:\PROGRA~1\SOFTOM~1\TOOLBA~1\INSTAL~1\{C49DD~1\0\STADE_~1.DLL [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SkinClock"="C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2008-02-20 15:29 524800] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:54 15360] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-11-21 11:41 5724184] "Art Plus Wallpaper Calendar"="C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe" [2004-11-23 12:42 2113536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GSICONEXE"="GSICON.EXE" [2001-10-10 10:26 75776 C:\WINDOWS\system32\gsicon.exe] "DSLAGENTEXE"="dslagent.exe" [2001-10-02 09:42 16384 C:\WINDOWS\system32\dslagent.exe] "WFXSwtch"="C:\PROGRA~1\DelFax\WFXSWTCH.exe" [2001-09-11 11:06 27648] "WinFaxAppPortStarter"="wfxsnt40.exe" [2001-09-28 13:39 45568 C:\WINDOWS\system32\WFXSNT40.EXE] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 11:35 94208] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 11:32 77824] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 11:36 114688] "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 20:54 623992] "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 23:33 582992] "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-02-06 01:52 849280] "QuickTime Task"="C:\Program Files\QuickStarTime\qttask.exe" [2006-05-29 13:08 282624] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:54 15360] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMMyPictures"= 0 (0x0) "NoToolbarCustomize"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{A213B520-C6C2-11d0-AF9D-008029E1027E}"= C:\Program Files\DelFax\WfxSeh32.Dll [1998-07-27 08:54 38400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="C:\\WINDOWS\\system32\\logonui.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\WINDOWS\\System32\\mmc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Fichiers communs\\McAfee\\MNA\\McNASvc.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "139:TCP"= 139:TCP:@xpsp2res.dll,-22004 "445:TCP"= 445:TCP:@xpsp2res.dll,-22005 "137:UDP"= 137:UDP:@xpsp2res.dll,-22001 "138:UDP"= 138:UDP:@xpsp2res.dll,-22002 "31041:TCP"= 31041:TCP:SitekeeperRPC "31040:TCP"= 31040:TCP:PIServerRPC "31042:TCP"= 31042:TCP:SKAgentRPC "4500:UDP"= 4500:UDP:SkIPSec4500 "500:UDP"= 500:UDP:SkIPSec500 "1434:UDP"= 1434:UDP:SitekeeperSQL "135:TCP"= 135:TCP:DiskeeperDCOM "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\RemoteAdminSettings] "RemoteAddresses"= * "Enabled"= 1 (0x1) R2 ADSLAutoconnect;ADSLAutoconnect;"C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z [] R2 PSI_SVC_2;Protexis Licensing V2;"c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe" [2007-07-24 12:15] R2 wfxsvc;DelrinaFax PRO;C:\WINDOWS\system32\WFXSVC.EXE [2000-05-15 16:37] S1 bcbus;BestCrypt bus driver;C:\WINDOWS\system32\DRIVERS\bcbus.sys [] S2 gafwload;Eicon Networks USB ADSL Loader;C:\WINDOWS\system32\DRIVERS\gafwload.sys [2001-09-28 12:07] S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2007-10-17 01:00] S3 SQTECH9150;Mini Cam;C:\WINDOWS\system32\Drivers\Capt9150.sys [2003-07-17 20:44] . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2007-01-04 08:35:41 C:\WINDOWS\Tasks\McDefragTask.job" - C:\WINDOWS\system32\defrag.exe "2007-01-04 08:35:40 C:\WINDOWS\Tasks\McQcTask.job" - c:\program files\mcafee\mqc\QcConsol.exe.4158 0 "2004-11-10 12:39:35 C:\WINDOWS\Tasks\RegistryMedicAuotScan.job" - C:\Program Files\Registry Medic\RegMedical.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-31 13:26:34 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt" . --------------------- DLLs a charg‚ sous des processus courants --------------------- PROCESS: C:\WINDOWS\explorer.exe -> C:\Program Files\Atomic Alarm Clock\Clock.dll . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\DelFax\WFXMOD32.EXE C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe . ************************************************************************** . Temps d'accomplissement: 2008-03-31 13:32:07 - machine was rebooted ComboFix-quarantined-files.txt 2008-03-31 11:32:02 Pre-Run: 4,515,082,240 octets libres Post-Run: 4,410,343,424 octets libres . 2008-03-12 08:25:07 --- E O F ---

Bonjour, Depuis quelques jours je suis infesté par des fenêtres publicitaires intempestives, fausses alertes, demandes d'installation de remèdes antivirus, antiver etc... et même par de fausses fenêtres "Google" qui s'ouvrent toutes seules. L'affichage écran est google mais la barre de titre affiche "http://www.day-time-search.org/search.php" et une Active X est bloquée en attente d'installation (que je n'accepte pas bien sûr). J'ai fais des recherches et ai trouvé différentes solutions sur des forums mais rien n'y fait. Ainsi j'ai déjà utilsé CCleaner, Navipromo, BFU, Smitfraudfix et Combofix. Toutes les procédures indiquées sur les forums ont été scrupuleusement respectées (mode sans échec etc...) Seul Combofix a apporté une légère amélioration mais le phénomène "google" continue. Même sans utiliser IE7 j'entend le bruit du bloqueur de pop-up qui fonctionne de temps à autre... Le problème est assez curieux car je peux parfois surfer plusieurs minutes sans problèmes avant que subitement 1 ou 2 fenêtres s'ouvrent. J'ai même installé IE_SPYADS_ZO trouvé sur un lien de ce forum mais cela n'aide pas davantage. Mes antivirus + firewall sont MCAfee VirusscanPlus 2008 et tout est à jour. Je vous livre le rapport obtenu avec HijackThis 2.0.2 En espérant que vous voudrez bien me venir en aide. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:30:50, on 31/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\PSIService.exe c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\WFXSVC.EXE C:\Program Files\DelFax\WFXMOD32.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\PROGRA~1\DelFax\WFXSWTCH.exe C:\WINDOWS\system32\wfxsnt40.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\QuickStarTime\qttask.exe C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\WINDOWS\explorer.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Totalcmd\TOTALCMD.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {2B0B59B4-55A3-4737-9FD5-B93C6430BF75} - C:\WINDOWS\system32\gtgeswhj.dll O2 - BHO: XBTP02546 - {326012CB-D3FF-4b39-B052-6F5CE6FBB59F} - C:\PROGRA~1\SOFTOM~1\TOOLBA~1\INSTAL~1\{C49DD~1\0\STADE_~1.DLL O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\DelFax\WFXSWTCH.exe O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickStarTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [skinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Art Plus Wallpaper Calendar] "C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe" /a O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://c:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B1518559-8E6B-488A-8D33-9DA479B2B33D}: NameServer = 195.238.2.22 195.238.2.21 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: McAfee Desktop Firewall Service (FireSvc) - Networks Associates Technology, Inc. - (no file) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Framework McAfee (McAfeeFramework) - Pinnacle Systems GmbH - (no file) O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE -- End of file - 11059 bytes