Rapport de ZHPDiag v1.28.136 par Nicolas Coolman, Update du 29/09/2011
Run by Stephane at 01/10/2011 15:09:05
Web site : ZHPDiag Outil de diagnostic
---\\ Web Browser
MSIE: Internet Explorer v7.0.5730.13
MFIE: Mozilla Firefox 6.0.1 v6.0.1 (Defaut)
GCIE: Google Chrome v13.0.782.220
---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
---\\ System Information
~ Processor: x86 Family 6 Model 28 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1015 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 28 GB (38%) free of 72 GB
---\\ Logged in mode
~ Computer Name: YOUR-57I8G5C8PD
~ User Name: Stephane
~ All Users Names: SUPPORT_388945a0, Stephane, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Stephane\Application Data\
~ %Desktop% : C:\Documents and Settings\Stephane\Bureau\
~ %Favorites% : C:\Documents and Settings\Stephane\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Stephane\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Stephane\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 28 Go of 72 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 71 Go of 72 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.1ED4120974B73A40863CD8D2221C162F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.01/10/2011 - 19:39:20.) -- C:\WINDOWS\system32\wininet.dll [832512]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.355556D9E580915118CD7EF736653A89] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.01/10/2011 - 14:22:48.) -- C:\WINDOWS\system32\drivers\AFD.sys [138496] 1868
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.01/10/2011 - 14:06:15.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] 1788
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Cdfs.sys [63744] 1804
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Cdrom.sys [62976] 1780
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Fips.sys [44672] 1852
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\HDAudBus.sys [144384] 1940
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.01/10/2011 - 18:00:54.) -- C:\WINDOWS\system32\drivers\i8042prt.sys [54144] 1852
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Imapi.sys [42112] 1780
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\IpNat.sys [152832] 1820
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\IPSec.sys [75264] 1756
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.01/10/2011 - 14:29:31.) -- C:\WINDOWS\system32\drivers\MRxSmb.sys [456320] 1844
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\netBT.sys [162816] 1788
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] 1788
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Parport.sys [80384] 1852
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Rasl2tp.sys [51328] 1876
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.01/10/2011 - 10:32:52.) -- C:\WINDOWS\system32\drivers\rdpdr.sys [196224] 1828
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.01/10/2011 - 19:57:36.) -- C:\WINDOWS\system32\drivers\redbook.sys [58752] 1892
[MD5.93D313C31F7AD9EA2B75F26075413C7C] - (.Microsoft Corporation - Pilote de périphérique série.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Serial.sys [66048] 1868
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Favoris (My Favorites) : 1/32
~ Mes Documents (My Documents) : 4/15
~ Mon Bureau (My Desktop) : 1/1431
~ Menu demarrer (Programs) : 6/29
~ Scan Hidden Files in 00mn 03s
---\\ Processus lancés
[MD5.82699E5EDE403F59FC4384D39EB77B52] - (.Enigma Software Group USA, LLC. - Service scanner interface.) -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [327064] [PID.]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.]
[MD5.C0393EB99A6C72C6BEF9BFC4A72B33A6] - (.SUPERAntiSpyware.com - Core Service.) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608] [PID.]
[MD5.1CF3866E09FFE13CF280D4DDFA9F7DCF] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]
[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.]
[MD5.E43F7709F36444681978F9DC067A976B] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [346720] [PID.]
[MD5.4F0BED169FAB31EA094A649B0473B5C6] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [135168] [PID.3268]
[MD5.8B0DE4B972DB725FB9D591E69CD236FB] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [159744] [PID.3352]
[MD5.DDE609AC0ED5669DC40650DFE0E66C3E] - (.ASUS - AsScrPro.) -- C:\WINDOWS\AsScrPro.exe [3054136] [PID.3516]
[MD5.0E3A2C02789E7DBBA9007844527D5872] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [17881600] [PID.3524]
[MD5.F1E858C7523F3E95286549003A700EF7] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1512744] [PID.3540]
[MD5.253CF4703D21BEC8A1AFCE35B8232ABC] - (.ASUSTeK Computer Inc. - Asus Eee PC ACPI Service.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [696320] [PID.3564]
[MD5.91C2BA0431E84FD66766FB2352C82463] - (.ASUSTeK Computer Inc. - AsEPCMon.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe [98304] [PID.3572]
[MD5.DD4DAD7294B7D29F1CE4D9B81540A998] - (.ASUSTeK Computer Inc. - Eee PC Tray Utility.) -- C:\Program Files\EeePC\ACPI\AsTray.exe [118784] [PID.3580]
[MD5.3726751A8C2C57D1013F3C8D7AAE726C] - (.Intel Corporation - igfxext Module.) -- C:\WINDOWS\system32\igfxext.exe [163840] [PID.3656]
[MD5.6E0B205042FC3AF5DE84F90F875AFFDA] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [249856] [PID.3680]
[MD5.3B50055972861DA5D5625CAD1B11007E] - (.Elaborate Bytes AG - CloneCD Tray.) -- C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe [73728] [PID.3696]
[MD5.3E0511382C9B1D9FE20AD760464DB4F9] - (.Anti-Trojan Network - Anti-Trojan Watch.) -- C:\Program Files\Anti-Trojan-55\ATWatch.exe [26624] [PID.3716]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.3740]
[MD5.6DB4CC46B84D49F675D89BFB0A8CAFC3] - (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4603264] [PID.4052]
[MD5.1D4E38336C554C955558D8B72892ACBF] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [604776] [PID.1000]
[MD5.59D7814D3E12C0B46072EEF1DA003729] - (.ASUSTeK Computer Inc. - Eee Super Hybrid Engine.) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [376832] [PID.216]
[MD5.9089100A22856513CBF35E18C552D53F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.1248]
[MD5.A89788C5D2B246E9289489D3F156AD8C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.1648]
[MD5.0411F7EE63AE48D2918AB4F2C79AB6C4] - (.Microsoft Corporation - Windows® installer.) -- C:\WINDOWS\system32\msiexec.exe [78848] [PID.]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.A6333BD6D9D42AE4E3A72E5EA5E7560F] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2125312] [PID.3732]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [user Data\Default] Bing
G0 - GCSP: Preference [user Data\Default][HomePage] Google
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Stephane\Application Data\Mozilla\Firefox\Profiles\1gzqwcot.default\prefs.js
C:\Documents and Settings\Stephane\Application Data\Mozilla\Firefox\Profiles\1gzqwcot.default\user.js (.not file.)
M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [stephane - 1gzqwcot.default] Google
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8064.0206] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Unlimited music on demand, on your computer and mobile devices. No software to download
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation
R0 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\Software\Microsoft\Internet Explorer\Main,Start Page = Unlimited music on demand, on your computer and mobile devices. No software to download
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing
R1 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.17099 (vista_gdr.110617-1500)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 74.55.47.101 www.google.com
O1 - Hosts: 74.55.47.101 google.com
O1 - Hosts: 74.55.47.101 google.com.au
O1 - Hosts: 74.55.47.101 www.google.com.au
O1 - Hosts: 74.55.47.101 google.be
O1 - Hosts: 74.55.47.101 www.google.be
O1 - Hosts: 74.55.47.101 google.com.br
O1 - Hosts: 74.55.47.101 www.google.com.br
O1 - Hosts: 74.55.47.101 google.ca
O1 - Hosts: 74.55.47.101 www.google.ca
O1 - Hosts: 74.55.47.101 google.ch
O1 - Hosts: 74.55.47.101 www.google.ch
O1 - Hosts: 74.55.47.101 google.de
O1 - Hosts: 74.55.47.101 www.google.de
O1 - Hosts: 74.55.47.101 google.dk
O1 - Hosts: 74.55.47.101 www.google.dk
O1 - Hosts: 74.55.47.101 google.fr
O1 - Hosts: 74.55.47.101 www.google.fr
O1 - Hosts: 74.55.47.101 google.ie
O1 - Hosts: 74.55.47.101 www.google.ie
O1 - Hosts: 74.55.47.101 google.it
O1 - Hosts: 74.55.47.101 www.google.it
O1 - Hosts: 74.55.47.101 google.co.jp
O1 - Hosts: 74.55.47.101 www.google.co.jp
O1 - Hosts: 74.55.47.101 google.nl
O1 - Hosts: 74.55.47.101 www.google.nl
O1 - Hosts: 74.55.47.101 google.no
O1 - Hosts: 74.55.47.101 www.google.no
O1 - Hosts: 74.55.47.101 google.co.nz
O1 - Hosts: 74.55.47.101 www.google.co.nz
O1 - Hosts: 74.55.47.101 google.pl
O1 - Hosts: 74.55.47.101 www.google.pl
O1 - Hosts: 74.55.47.101 google.se
O1 - Hosts: 74.55.47.101 www.google.se
O1 - Hosts: 74.55.47.101 google.co.uk
O1 - Hosts: 74.55.47.101 www.google.co.uk
O1 - Hosts: 74.55.47.101 google.co.za
O1 - Hosts: 74.55.47.101 www.google.co.za
O1 - Hosts: 74.55.47.101 www.google-analytics.com
O1 - Hosts: 74.55.47.101 www.bing.com
O1 - Hosts: 74.55.47.101 search.yahoo.com
O1 - Hosts: 74.55.47.101 www.search.yahoo.com
O1 - Hosts: 74.55.47.101 uk.search.yahoo.com
O1 - Hosts: 74.55.47.101 ca.search.yahoo.com
O1 - Hosts: 74.55.47.101 de.search.yahoo.com
O1 - Hosts: 74.55.47.101 fr.search.yahoo.com
O1 - Hosts: 74.55.47.101 au.
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} . (.Ask.com - Ask.com Toolbar.) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} . (.Ask.com - Ask.com Toolbar.) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll"
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] . (.ASUS - AsScrPro.) -- C:\WINDOWS\AsScrPro.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [synAsusAcpi] . (.Synaptics Incorporated - Asus Custom Acpi Monitor Application.) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [AsusACPIServer] . (.ASUSTeK Computer Inc. - Asus Eee PC ACPI Service.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] . (.ASUSTeK Computer Inc. - AsEPCMon.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] . (.ASUSTeK Computer Inc. - Eee PC Tray Utility.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] . (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] . (.Elaborate Bytes AG - CloneCD Tray.) -- C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [bEWINTERNET-FR-DMGP-V2SessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Anti-Trojan-Watch] . (.Anti-Trojan Network - Anti-Trojan Watch.) -- C:\Program Files\Anti-Trojan-55\ATWatch.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKCU\..\Run: [sUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\..\Run: [sUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Favoris Bluetooth.lnk - Clé orpheline
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Visionneuse Microsoft Office PowerPoint 2007.lnk . (...) -- C:\WINDOWS\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\Stephane\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\Stephane\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\Stephane\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\Stephane\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.exe
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~4\OFFICE11\REFBARH.ICO
O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
~ Scan Winsock in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D140E2A-B1D5-447B-A352-5E533DE4A889}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{7D140E2A-B1D5-447B-A352-5E533DE4A889}: DhcpNameServer = 192.168.1.254
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 01s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3330890289-3585157530-1149903320-1006Core.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3330890289-3585157530-1149903320-1006UA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RegCure Program Check.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RegCure.job
~ Scan Scheduled Task in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys
O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: ASUSUpdate for Eee PC - (.Pas de propriétaire.) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Anti-Trojan 5.5 - (.Anti-Trojan Network.) [HKLM] -- Anti-Trojan 5.5_is1
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Asus ACPI Driver - (.AsusTek Computer.) [HKLM] -- {19F5658D-92E8-4A08-8657-D38ABB1574B2}
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {16D0F2D2-242C-4885-BEF1-4B1655C141AE}
O42 - Logiciel: Card Detector for Option Icon 515 - (.Pas de propriétaire.) [HKLM] -- CardDetectorICON515
O42 - Logiciel: Choice Guard - (.Microsoft Corporation.) [HKLM] -- {8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
O42 - Logiciel: CloneCD - (.Elaborate Bytes.) [HKLM] -- CloneCD
O42 - Logiciel: ESET Online Scanner v3 - (.Pas de propriétaire.) [HKLM] -- ESET Online Scanner
O42 - Logiciel: Eee PC_1008HA Screen Saver - (.Pas de propriétaire.) [HKLM] -- Eee PC_1008HA
O42 - Logiciel: Eee Storage 1.2.17.333 - (.ECAREME.) [HKLM] -- Eee Storage
O42 - Logiciel: FRANCE PROSPECT Email 120 - (.FRANCEPROSPECT.) [HKLM] -- {CBB4ED66-9C21-4DDF-A6D0-162081570A73}
O42 - Logiciel: Foxit Reader - (.Pas de propriétaire.) [HKLM] -- Foxit Reader
O42 - Logiciel: Foxit Toolbar - (.Ask.com.) [HKLM] -- Ask Toolbar_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {44E54A81-9D91-4AA1-9417-80AFF134F5FF}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {7370DF47-B4F9-4279-BFC3-3F09919F720D}
O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI
O42 - Logiciel: Internet Everywhere - (.Pas de propriétaire.) [HKLM] -- {BEWINTERNET-FR-DMGP-V2}.UninstallSuite
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MagicPDF 2.01 - (.Magic Document Solutions Inc..) [HKLM] -- MagicPDF_is1
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM] -- Wdf01007
O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping
O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Mozilla Firefox 6.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.1 (x86 fr)
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: RegCure - (.ParetoLogic, Inc..) [HKLM] -- RegCure
O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
O42 - Logiciel: Skype™ 5.0 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM] -- {4FC9DA9D-F608-454E-8191-D7EFFDCC5726}
O42 - Logiciel: Super Hybrid Engine - (.ASUS.) [HKLM] -- {88F08F98-12BC-4613-81A2-8F9B88CFC73E}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: USB2.0 UVC Camera Device - (.UVCPCC.) [HKLM] -- {3FB39BED-37C8-4E60-8E02-315B8C2B07E3}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.0.2 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: WIDCOMM Bluetooth Software - (.WIDCOMM, Inc..) [HKLM] -- {84814E6B-2581-46EC-926A-823BD1C670F6}
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify
O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D6A2DDE3-9D7C-412C-932A-756580D29919}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {63DC2DA0-2A6C-4C38-9249-B75395458657}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {059C042E-796A-4ACC-A81A-ECC2010BB78C}
O42 - Logiciel: Windows Live Sync - (.Microsoft Corporation.) [HKLM] -- {9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {2231CE39-B963-4B9D-823A-F412ECA637B1}
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\AskBarDis]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\AskBarDis]
[HKCU\Software\Asus]
[HKCU\Software\Avira]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ECAREME]
[HKCU\Software\ESET]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\Foxit Software]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SUPERAntiSpyware.com]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\TG0PTF86JH]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Wget]
[HKCU\Software\Widcomm]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKLM\Software\Adobe]
[HKLM\Software\AskBarDis]
[HKLM\Software\AsusTek Computer]
[HKLM\Software\Asus]
[HKLM\Software\Atheros Communications Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\Avira]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\Digital River]
[HKLM\Software\ECAREME]
[HKLM\Software\Elaborate Bytes]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Eset]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\Foxit Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Mirabilis]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Ralink]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Swearware]
[HKLM\Software\Synaptics]
[HKLM\Software\UVCPCC]
[HKLM\Software\VideoLAN]
[HKLM\Software\Widcomm]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\X-AVCSD]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/10/2011 - 14:01:28 - [2787328] ----D- C:\Program Files\Anti-Trojan-55
O43 - CFD: 02/08/2009 - 18:32:12 - [1333012] ----D- C:\Program Files\AskBarDis
O43 - CFD: 28/06/2009 - 22:51:54 - [4729714] ----D- C:\Program Files\ASUS
O43 - CFD: 23/04/2009 - 15:46:12 - [4150] ----D- C:\Program Files\Atheros
O43 - CFD: 18/08/2011 - 18:22:24 - [136931215] ----D- C:\Program Files\Avira
O43 - CFD: 20/07/2010 - 22:02:16 - [33240840] ----D- C:\Program Files\CardDetector
O43 - CFD: 16/07/2010 - 23:07:28 - [7951928] ----D- C:\Program Files\CardDetector(2)
O43 - CFD: 23/04/2009 - 16:05:24 - [10755089] ----D- C:\Program Files\Eee Storage
O43 - CFD: 28/06/2009 - 22:51:28 - [3885442] ----D- C:\Program Files\EeePC
O43 - CFD: 27/07/2009 - 18:41:08 - [5315898] ----D- C:\Program Files\Elaborate Bytes
O43 - CFD: 22/07/2010 - 13:11:28 - [29188751] ----D- C:\Program Files\Enigma Software Group
O43 - CFD: 18/08/2011 - 17:29:12 - [18323031] ----D- C:\Program Files\ESET
O43 - CFD: 18/08/2011 - 13:51:46 - [590147698] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 29/07/2009 - 12:28:54 - [6927027] ----D- C:\Program Files\Foxit Software
O43 - CFD: 12/11/2009 - 10:38:38 - [1072140066] ----D- C:\Program Files\FRANCEPROSPECT
O43 - CFD: 30/11/2010 - 22:55:22 - [19915838] ----D- C:\Program Files\Google
O43 - CFD: 28/06/2009 - 22:51:54 - [37983645] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 23/04/2009 - 15:44:44 - [64737] ----D- C:\Program Files\Intel
O43 - CFD: 14/08/2011 - 12:02:20 - [2806491] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 29/07/2009 - 12:42:08 - [1259087] ----D- C:\Program Files\MagicPDF
O43 - CFD: 18/08/2011 - 16:53:46 - [7042908] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 23/04/2009 - 15:36:54 - [2152579] ----D- C:\Program Files\Messenger
O43 - CFD: 22/08/2011 - 22:57:14 - [21015069] ----D- C:\Program Files\Microsoft
O43 - CFD: 16/04/2009 - 13:13:38 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 13/08/2011 - 22:29:10 - [187189865] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 23/04/2009 - 16:10:32 - [7688379] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 23/04/2009 - 15:49:48 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 23/04/2009 - 15:58:08 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 12/01/2011 - 15:39:42 - [144677302] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 29/07/2009 - 12:15:32 - [131072] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 11/08/2010 - 23:24:58 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 01/10/2011 - 14:24:54 - [35669311] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 05/09/2009 - 17:12:42 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 16/04/2009 - 13:10:40 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 16/04/2009 - 13:11:42 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 23/04/2009 - 16:02:48 - [109056808] ----D- C:\Program Files\Norton Internet Security
O43 - CFD: 16/07/2010 - 23:21:52 - [101733051] ----D- C:\Program Files\Orange
O43 - CFD: 18/12/2010 - 09:58:52 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 28/06/2009 - 22:47:56 - [62827892] ----D- C:\Program Files\Realtek
O43 - CFD: 05/09/2009 - 17:12:32 - [36400897] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 18/08/2011 - 18:15:34 - [15238454] ----D- C:\Program Files\RegCure
O43 - CFD: 16/04/2009 - 13:11:54 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 30/11/2010 - 22:54:22 - [28205147] R---D- C:\Program Files\Skype
O43 - CFD: 20/08/2011 - 08:52:02 - [39057312] ----D- C:\Program Files\SUPERAntiSpyware
O43 - CFD: 28/06/2009 - 22:49:24 - [26611885] ----D- C:\Program Files\Synaptics
O43 - CFD: 16/04/2009 - 13:16:52 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 23/04/2009 - 15:47:18 - [231249] ----D- C:\Program Files\USB2.0 UVC Camera Device
O43 - CFD: 17/10/2009 - 12:28:32 - [76927915] ----D- C:\Program Files\VideoLAN
O43 - CFD: 23/04/2009 - 15:47:30 - [7914129] ----D- C:\Program Files\WIDCOMM
O43 - CFD: 22/08/2011 - 22:58:18 - [138963694] ----D- C:\Program Files\Windows Live
O43 - CFD: 23/04/2009 - 15:56:20 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 23/04/2009 - 16:04:50 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 23/04/2009 - 16:05:14 - [8265243] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 16/04/2009 - 13:10:38 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 16/04/2009 - 13:11:56 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 29/07/2009 - 12:23:56 - [2973605] ----D- C:\Program Files\WinRAR
O43 - CFD: 16/04/2009 - 13:13:38 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 01/10/2011 - 15:09:14 - [6399179] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 29/07/2009 - 11:54:44 - [0] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 29/07/2009 - 12:15:50 - [86016] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 16/07/2010 - 23:07:34 - [11275150] ----D- C:\Program Files\Fichiers Communs\France Telecom
O43 - CFD: 28/06/2009 - 22:51:46 - [6678029] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 18/08/2011 - 12:31:12 - [166450672] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 16/04/2009 - 13:11:40 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 16/04/2009 - 15:07:48 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 16/04/2009 - 13:11:42 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 30/11/2010 - 22:54:22 - [2164104] ----D- C:\Program Files\Fichiers Communs\Skype
O43 - CFD: 16/04/2009 - 15:07:44 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 29/07/2009 - 12:15:34 - [20325447] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 23/04/2009 - 15:53:56 - [346094481] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 22/07/2010 - 13:10:54 - [32994304] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard
O43 - CFD: 27/07/2009 - 18:58:38 - [1595230] ----D- C:\Documents and Settings\Stephane\Application Data\Adobe
O43 - CFD: 03/09/2011 - 18:53:00 - [0] ----D- C:\Documents and Settings\Stephane\Application Data\Avira
O43 - CFD: 29/07/2009 - 12:28:54 - [34100] ----D- C:\Documents and Settings\Stephane\Application Data\Foxit
O43 - CFD: 30/11/2010 - 22:58:28 - [8500] ----D- C:\Documents and Settings\Stephane\Application Data\Google
O43 - CFD: 16/04/2009 - 13:16:54 - [0] ----D- C:\Documents and Settings\Stephane\Application Data\Identities
O43 - CFD: 23/04/2009 - 15:46:08 - [0] ----D- C:\Documents and Settings\Stephane\Application Data\InstallShield
O43 - CFD: 27/07/2009 - 18:36:20 - [32720] ----D- C:\Documents and Settings\Stephane\Application Data\Macromedia
O43 - CFD: 25/07/2010 - 15:18:20 - [15161] ----D- C:\Documents and Settings\Stephane\Application Data\Malwarebytes
O43 - CFD: 18/08/2011 - 12:32:14 - [3948843] -S--D- C:\Documents and Settings\Stephane\Application Data\Microsoft
O43 - CFD: 18/08/2011 - 12:54:30 - [15270757] ----D- C:\Documents and Settings\Stephane\Application Data\Mozilla
O43 - CFD: 05/12/2010 - 11:15:10 - [2387700] ----D- C:\Documents and Settings\Stephane\Application Data\Skype
O43 - CFD: 05/12/2010 - 10:49:06 - [8120] ----D- C:\Documents and Settings\Stephane\Application Data\skypePM
O43 - CFD: 25/07/2010 - 14:45:30 - [52506205] ----D- C:\Documents and Settings\Stephane\Application Data\SUPERAntiSpyware.com
O43 - CFD: 19/08/2011 - 01:13:28 - [748158] ----D- C:\Documents and Settings\Stephane\Application Data\vlc
O43 - CFD: 29/07/2009 - 11:54:38 - [15185] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Adobe
O43 - CFD: 23/04/2009 - 16:05:20 - [8913] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 11/08/2010 - 14:11:26 - [0] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Deployment
O43 - CFD: 13/08/2011 - 22:32:46 - [453455092] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google
O43 - CFD: 27/07/2009 - 18:37:24 - [80146612] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Identities
O43 - CFD: 26/08/2011 - 10:09:42 - [4313722674] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Microsoft
O43 - CFD: 23/04/2009 - 16:06:06 - [0] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Microsoft Help
O43 - CFD: 18/08/2011 - 12:50:10 - [217951230] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Mozilla
O43 - CFD: 14/08/2011 - 12:16:48 - [0] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Temp
O43 - CFD: 20/07/2010 - 22:02:40 - [0] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Threat Expert
O43 - CFD: 28/07/2009 - 00:24:24 - [0] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\WMTools Downloaded Files
~ Scan Program Folder in 00mn 18s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C661CF5379C551AFF6C8B8790B0B74F8] - 01/10/2011 - 13:21:24 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32490]
O44 - LFC:[MD5.63ACA7B9B649EA94B1E09739A9997D6C] - 01/10/2011 - 13:05:08 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [105526]
O44 - LFC:[MD5.9FC74A8280C2A45B9319730AC0DEDB08] - 01/10/2011 - 13:05:08 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [480620]
O44 - LFC:[MD5.135F3CA51B94FF739AC5AE4127B19553] - 01/10/2011 - 13:05:08 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [555194]
O44 - LFC:[MD5.D7894AA7A386763EF314469A7A681E79] - 01/10/2011 - 13:05:07 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [1243348]
O44 - LFC:[MD5.1E8465FB7F12835013D7691F19036BB1] - 01/10/2011 - 13:05:07 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [88180]
O44 - LFC:[MD5.EEBACD996A2059BAE2181BB60673B938] - 01/10/2011 - 13:02:40 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [404640]
O44 - LFC:[MD5.1D41FD9094FA00F6589BF63D5AF8DC9C] - 01/10/2011 - 13:02:26 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1057332]
O44 - LFC:[MD5.DB54A60950F7AE98CA49797D533D169E] - 01/10/2011 - 13:00:48 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [1158]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/10/2011 - 13:00:30 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.2539537807DB4C31BBF3674C6EF73D10] - 01/10/2011 - 13:00:06 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.A4F8D5BC34C5433A0EFFE77783D8C366] - 01/10/2011 - 13:00:05 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 01/10/2011 - 12:59:52 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.21CD61B66955C08339D2E4739084658E] - 01/10/2011 - 12:57:27 ---A- . (...) -- C:\WINDOWS\comsetup.log [510365]
O44 - LFC:[MD5.033351DC6B42460C3CBD8C486A75B8F6] - 01/10/2011 - 12:57:27 ---A- . (...) -- C:\WINDOWS\iis6.log [238646]
O44 - LFC:[MD5.491C5EF13D9541523B7EE46EAF202F03] - 01/10/2011 - 12:57:27 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [307042]
O44 - LFC:[MD5.5214C59CD08B68862F608E4EA6C510A0] - 01/10/2011 - 12:57:26 ---A- . (...) -- C:\WINDOWS\KB2607712.log [13304]
O44 - LFC:[MD5.63CAD1D8118B5CC28B618CE8D4560C1D] - 01/10/2011 - 12:57:26 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.208C15ED71113E05AE7B3D41A41F6E4A] - 01/10/2011 - 12:57:26 ---A- . (...) -- C:\WINDOWS\ocmsn.log [82921]
O44 - LFC:[MD5.50F84AD0B29AABBE012059BE82B79F2B] - 01/10/2011 - 12:57:26 ---A- . (...) -- C:\WINDOWS\tsoc.log [578313]
O44 - LFC:[MD5.534AD4DF2AD6B9207D3B1C51E3BC5D18] - 01/10/2011 - 12:57:24 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1495452]
O44 - LFC:[MD5.DDE6A5A9A3C40F00F4AEFF310B83DD0A] - 01/10/2011 - 12:57:24 ---A- . (...) -- C:\WINDOWS\msgsocm.log [75031]
O44 - LFC:[MD5.84A2CDA84AD6EA6CC0D332D551786CFF] - 01/10/2011 - 12:57:24 ---A- . (...) -- C:\WINDOWS\ocgen.log [724165]
O44 - LFC:[MD5.F2B2E5E035ADA71CE02DC542F5E3082F] - 01/10/2011 - 12:57:24 ---A- . (...) -- C:\WINDOWS\setupapi.log [523437]
O44 - LFC:[MD5.9E8BE4BA99FF4A796A9E5A754827BEE6] - 01/10/2011 - 12:57:14 ---A- . (...) -- C:\WINDOWS\updspapi.log [173957]
~ Scan Files in 01mn 02s
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
O47 - AAKE:Key Export SP - "C:\Program Files\VideoLAN\VLC\vlc.exe" [Enabled] .(...) -- C:\Program Files\VideoLAN\VLC\vlc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Anti-Trojan-55\Anti-Trojan.exe" [Enabled] .(.Anti-Trojan - Anti-Trojan 5.5 Professional.) -- C:\Program Files\Anti-Trojan-55\Anti-Trojan.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
~ Scan Keys in 00mn 03s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - WDF Dynamic.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - WDF Dynamic.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
~ Scan CSB in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ Scan IFEO in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\MsnMsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\MsnMsgr.exe
~ Scan SMSR Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.F6AF59D6EEE5E1C304F7F73706AD11D8] - 01/10/2011 - 13:10:12 ---A- . (.Creative - Creative WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\Ambfilt.sys [1684736]
O58 - SDL:[MD5.12415A4B61DED200FE9932B47A35FA42] - 01/10/2011 - 14:59:28 ---A- . (.ASUSTeK Computer Inc. - ASUS ACPI Device Driver.) -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS [10752]
O58 - SDL:[MD5.E0EE769D14128014965E03B433F5F46E] - 01/10/2011 - 22:05:26 ---A- . (.Atheros Communications, Inc. - Driver for Atheros AR5008 Wireless Network Adapter.) -- C:\WINDOWS\system32\drivers\athw.sys [1528928]
O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 01/10/2011 - 14:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys [45416]
O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 01/10/2011 - 07:50:43 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [61960]
O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 01/10/2011 - 14:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys [22360]
O58 - SDL:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 01/10/2011 - 07:50:43 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [137656]
O58 - SDL:[MD5.4B43DFE1C1FBB305A1DC5504EF9BB34E] - 01/10/2011 - 04:46:12 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\WINDOWS\system32\drivers\btaudio.sys [534568]
O58 - SDL:[MD5.70455BAFFC078B6152D1E52376296467] - 01/10/2011 - 15:16:36 ---A- . (.Broadcom Corporation. - Bluetooth Bus Enumerator.) -- C:\WINDOWS\system32\drivers\btkrnl.sys [991656]
O58 - SDL:[MD5.2F9F111D31AA3FBBE5781D829A4524E6] - 01/10/2011 - 10:57:44 ---A- . (.Broadcom Corporation. - Bluetooth BTPORT Driver for Windows 2000.) -- C:\WINDOWS\system32\drivers\btport.sys [37160]
O58 - SDL:[MD5.485020A1E1FC5C51A800CA69C618D881] - 01/10/2011 - 10:37:10 ---A- . (.Broadcom Corporation. - Bluetooth LAN Access Server Driver.) -- C:\WINDOWS\system32\drivers\btwdndis.sys [156816]
O58 - SDL:[MD5.949ECA9C56F657C06D3166D51F3226C7] - 01/10/2011 - 11:18:42 ---A- . (.Broadcom Corporation. - Bluetooth Virtual HID Minidriver.) -- C:\WINDOWS\system32\drivers\btwhid.sys [57384]
O58 - SDL:[MD5.C21362BB5A22CE4B40A7B475254F858C] - 01/10/2011 - 07:14:24 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth IT Manager Filter.) -- C:\WINDOWS\system32\drivers\btwsecfl.sys [89896]
O58 - SDL:[MD5.2CFC2BD8785F82A42FCAD83DE1FA5A36] - 01/10/2011 - 15:16:28 ---A- . (.Broadcom Corporation. - Driver for Bluetooth USB Devices.) -- C:\WINDOWS\system32\drivers\btwusb.sys [47272]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 01/10/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 01/10/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.59C9E1336A4508F059827D638E924C62] - 01/10/2011 - 15:18:04 ---A- . (.Elaborate Bytes AG - ElbyCDIO Filter Driver.) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys [15360]
O58 - SDL:[MD5.389823DB299B350F2EE830D47376EEAC] - 01/10/2011 - 12:38:16 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys [16320]
O58 - SDL:[MD5.C4143FC2F7D39A5A8B1CFE0BC4BD8A9E] - 01/10/2011 - 11:43:49 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\drivers\ElbyVCD.sys [22016]
O58 - SDL:[MD5.26EA5EAE39A48FC6667FCD35753DCFFF] - 01/10/2011 - 17:35:46 R--A- . (.Option N.V. - NDIS driver.) -- C:\WINDOWS\system32\drivers\gtuhs51.sys [107520]
O58 - SDL:[MD5.884199F75305F58038480F31E47604B7] - 01/10/2011 - 17:35:46 R--A- . (.Option N.V. - Pas de description.) -- C:\WINDOWS\system32\drivers\gtuhsbus.sys [66560]
O58 - SDL:[MD5.84F1E6DD27A401C7E69E277FD74AEFDE] - 01/10/2011 - 17:35:46 R--A- . (.Option N.V. - Pas de description.) -- C:\WINDOWS\system32\drivers\gtuhsser.sys [8064]
O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 01/10/2011 - 13:00:00 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384]
O58 - SDL:[MD5.8EF427C54497C5F8A7A645990E4278C7] - 01/10/2011 - 06:32:56 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\WINDOWS\system32\drivers\iaStor.sys [327192]
O58 - SDL:[MD5.0F68E2EC713F132FFB19E45415B09679] - 01/10/2011 - 16:32:12 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\igxpmp32.sys [5854688]
O58 - SDL:[MD5.6C8658587E91EA25B0FD2E71781AD228] - 01/10/2011 - 06:03:48 ---A- . (.Atheros Communications, Inc. - Atheros AR8131/AR8132 PCI-E Ethernet Controller ndis miniport d.) -- C:\WINDOWS\system32\drivers\l1c51x86.sys [38912]
O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 01/10/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712]
O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 01/10/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272]
O58 - SDL:[MD5.9FA7207D1B1ADEAD88AE8EED9CDBBAA5] - 01/10/2011 - 08:41:48 ---A- . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- C:\WINDOWS\system32\drivers\Monfilt.sys [1389056]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 01/10/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 01/10/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 01/10/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 01/10/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.AFA6853AA949B5E151E4A10F6805B5B2] - 01/10/2011 - 10:18:54 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [5080064]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 01/10/2011 - 13:00:00 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 01/10/2011 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.8E25A1DBB8527B2074AF9B682F818768] - 01/10/2011 - 14:14:28 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys [208816]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 01/10/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.C019889035CDC1A06F2FEBC93CBB6897] - 01/10/2011 - 02:21:28 ---A- . (.GenesysLogic Technologies, Inc. - uvclf.sys.) -- C:\WINDOWS\system32\drivers\uvclf.sys [39040]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 01/10/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.E0EE769D14128014965E03B433F5F46E] - 01/10/2011 - 22:05:26 ---A- . (.Atheros Communications, Inc. - Driver for Atheros AR5008 Wireless Network Adapter.) -- C:\WINDOWS\system32\athw.sys [1528928]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 01/10/2011 - 03:52:54 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\system32\pcampr5.sys [34688]
O58 - SDL:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 01/10/2011 - 03:52:54 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\pcandis5.sys [32128]
~ Scan Drivers in 00mn 02s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 20/08/2011 - C:\Program Files\SUPERAntiSpyware\SASCORE.exe - SAS Core Service(!SASCORE) .(.SUPERAntiSpyware.com - Core Service.) - LEGACY_!SASCORE
O64 - Services: CurCS - 20/08/2011 - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur(AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE
O64 - Services: CurCS - 20/08/2011 - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard(AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE
O64 - Services: CurCS - 17/06/2010 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO
O64 - Services: CurCS - 20/08/2011 - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 20/08/2011 - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 02/09/2008 - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe - Bluetooth Service(btwdins) .(.Broadcom Corporation. - Bluetooth Support Server.) - LEGACY_BTWDINS
O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\Stephane\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 29/11/2002 - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver(ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO
O64 - Services: CurCS - 27/01/2010 - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys - esgiguard (esgiguard) .(...) - LEGACY_ESGIGUARD
O64 - Services: CurCS - 30/11/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - 30/11/2010 - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater(gusvc) .(.Google - gusvc.) - LEGACY_GUSVC
O64 - Services: CurCS - 20/02/2008 - C:\WINDOWS\system32\PCAMPR5.sys - PCAMPR5 NDIS Protocol Driver(PCAMPR5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMPR5
O64 - Services: CurCS - 20/02/2008 - C:\WINDOWS\system32\PCANDIS5.sys - PCANDIS5 NDIS Protocol Driver(PCANDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_PCANDIS5
O64 - Services: CurCS - 20/08/2011 - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV(SASDIFSV) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - LEGACY_SASDIFSV
O64 - Services: CurCS - 20/08/2011 - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL(SASKUTIL) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - LEGACY_SASKUTIL
O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
~ Scan Services in 00mn 02s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing
O69 - SBI: SearchScopes [HKCU] {13F3C4B7-3FB6-4B66-9433-1A71394D7B9F} - (Google) - Google
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google
O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - Ask Toolbar
~ Scan Keys in 00mn 00s
---\\ Internet Feature Controls (O81)
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.F9E4595CB6B11C7AA625937A7F086EB9] [sPRF][18/08/2011] (.Swearware - ComboFix NSIS Installer.) -- C:\Documents and Settings\Stephane\Bureau\ComboFix.exe [4177864]
[MD5.B3DBF67B5F1591366AE9C93AEF742668] [sPRF][18/08/2011] (.Mozilla - Firefox.) -- C:\Documents and Settings\Stephane\Bureau\Firefox Setup 6.0.exe [14100808]
[MD5.3011790AFC6C86D059922C1C64326F9B] [sPRF][25/07/2010] (...) -- C:\Documents and Settings\Stephane\Bureau\Load_tdsskiller.exe [845916]
[MD5.6AE625D478C96A378DFC9683F9DB34BA] [sPRF][25/07/2010] (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Documents and Settings\Stephane\Bureau\mbam-setup-1.46.exe [6153352]
[MD5.9FAAB868CD5E13205758F8CAFCD7D9FA] [sPRF][25/07/2010] (...) -- C:\Documents and Settings\Stephane\Bureau\rkill.com [363520]
[MD5.F17BB5E20DD431BD92F7C74A0ADFDA29] [sPRF][30/11/2010] (.Skype Technologies S.A. - Skype.) -- C:\Documents and Settings\Stephane\Bureau\SkypeSetup.exe [955784]
[MD5.EF5F9BC2EE712E94E0A2A39FF9925A57] [sPRF][22/07/2010] (.Enigma Software Group USA, LLC. - SpyHunter Downloader.) -- C:\Documents and Settings\Stephane\Bureau\SpyHunter-Installer.exe [662872]
[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][07/12/2004] (...) -- C:\WINDOWS\Downloaded Program Files\bdcore.dll [32]
[MD5.298068536300DA6DC163E394797A7C50] [sPRF][25/05/2006] (...) -- C:\WINDOWS\Downloaded Program Files\bdupd.dll [118784]
[MD5.1CAB87DE6638846FBF51F32B5D95E482] [sPRF][25/05/2006] (...) -- C:\WINDOWS\Downloaded Program Files\ipsupd.dll [53248]
[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][07/12/2004] (...) -- C:\WINDOWS\Downloaded Program Files\libfn.dll [32]
~ Scan Files in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : 8646 - (29/09/2011)
Clés trouvées (Keys found) : 32
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 0
[HKCU\Software\AppDataLow\AskBarDis] =>Toolbar.AskBarDis
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1] =>Toolbar.AskTBar
[HKLM\Software\Classes\askibar.popswatterbarbutton] =>Toolbar.AskTBar
[HKLM\Software\Classes\askibar.popswatterbarbutton.1] =>Toolbar.AskTBar
[HKLM\Software\Classes\askibar.popswattersettingscontrol] =>Toolbar.AskTBar
[HKLM\Software\Classes\askibar.popswattersettingscontrol.1] =>Toolbar.AskTBar
[HKLM\Software\Classes\asktoolbar.settingsplugin] =>Toolbar.AskTBar
[HKLM\Software\Classes\asktoolbar.settingsplugin.1] =>Toolbar.AskTBar
[HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{08993a7c-e764-4172-9627-bfb5ea6897b2}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{128a6c66-ac6a-4617-8268-ab7f47b7215e}] =>Adware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask
[HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar
[HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar
[HKLM\Software\Classes\Interface\{4634804a-f0b0-4a74-a550-fc0eef8a4362}] =>Adware.BHO
[HKLM\Software\Classes\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] =>Toolbar.SweetIM
[HKLM\Software\Classes\Interface\{4c07ea4f-5f52-4222-b170-4cd9ed33baea}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{571715d7-3395-4df0-b43c-784836209e60}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}] =>Adware.BHO
[HKLM\Software\Classes\Interface\{c44feff4-ef0c-4cf7-83d0-92b4266a32b9}] =>Adware.BHO
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cf739809-1c6c-47c0-85b9-569dbb141420}] =>Toolbar.AskBarDis
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{cf739809-1c6c-47c0-85b9-569dbb141420}] =>Toolbar.AskBarDis
[HKLM\Software\Classes\TypeLib\{d2e5fa06-dcc7-46f9-beff-bfd06f69b9b2}] =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{f131923c-381d-4e4c-a472-4a17118fd742}] =>Adware.BHO
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] =>Crapware.SpyHunter
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1] =>Toolbar.AskTBar
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{3041d03e-fd4b-44e0-b742-2d9b88305f98} =>Toolbar.AskTBar
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{3041d03e-fd4b-44e0-b742-2d9b88305f98} =>Toolbar.AskTBar
C:\Program Files\Enigma Software Group\SpyHunter =>Crapware.SpyHunter
C:\Program Files\AskBarDis =>Toolbar.AskBarDis
~ Scan Additionnel in 00mn 15s
---\\ Recherche détournement de DNS routeur (O89)
Serveur : UnKnown
Address: 192.168.1.254
Nom : www.l.google.com
Addresses: 74.125.39.106, 74.125.39.104, 74.125.39.103, 74.125.39.99
74.125.39.105, 74.125.39.147
Aliases: www.google.fr, www.google.com
~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 01/10/2011 116608 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe
SR - | Auto 01/10/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 01/10/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SS - | Demand 01/10/2011 195336 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe
SR - | Auto 01/10/2011 346720 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
SS - | Demand 01/10/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Auto 01/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 01/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 01/10/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 01/10/2011 327064 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.exe
~ Scan Services in 00mn 03s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Run by Stephane at 01/10/2011 15:11:13
device: opened successfully
user: MBR read successfully
Disk trace:
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 05s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Stephane at 01/10/2011 15:11:15
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 07s
End of the scan (1186 lines in 02mn 10s)(0)