houch

Cliquez ici. resultat windirs Cliquez ici.

Cliquez ici. pas vu d'anomalie avec windrstat j'ai une fenetre au demarrage qui me dit que azuslive à cessé de fonctionner Cliquez ici.

Merci de ton aide. Je m'exécute. Voici le rapport ZHPDiag.

--- 25 mai à 07:21 --- bjr mon dd est saturé alors que je n'ai rien dessus je ne trouve pas de solution virus ou autre ? ordi portable azus windows 7 familliale merci de vos conseils --- 1er juin à 07:37 --- personne pour m'aider ? merci -édit- Dans cette section, il ne faut pas insérer de « up » dans ton sujet : au vu de la présence d'une « réponse », les helpers ne s'y intéresseront pas, croyant le problème pris en mains par l'un des leurs. Tu peux en revanche poster un petit rappel dans le sujet « On m'a oublié ! », épinglé en tête de la section et prévu à cet effet… --- 3 juin à 14:15 --- on m'a oublié ? --- 3 juin à 14:27 --- bonjour mon ordi est saturé sans raison : pas de video, ni image ni musique ect... azus portable merci de votre aide -édit- Tu ne sembles pas avoir compris ma première remarque… Évite de multiplier les messages, et même les sujets, tu risques d'agacer… Comme je te l'indiquais il y a deux jours, poste plutôt un petit rappel dans le sujet « On m'a oublié ! », épinglé en tête de la section et prévu à cet effet…

Bonjour AUcune aide dispo sur ce forum ? merci

a priori il s'agit de smart links ou smart tags ?

bjr j'ai oublié : PC portable windows 7 edition familliale

Bjr sur le web qquesoit le navigateur et sur tous les sites j'ai des liens sur des mots de texte avec une petite fenetre (text enhance) : si je clic je tombe sur un site de jeu concours qui m'annonce être lheureux gagnant... Comment nettoyer ca ? merci de votre aide

Le pb semble réglé Merci pour votre aide efficace

Rapport de ZHPFix 1.12.3362 par Nicolas Coolman, Update du 23/09/2011 Fichier d'export Registre : Run by Stephane at 02/10/2011 16:28:28 Windows XP Home Edition Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Logiciel(s) ========== ABSENT Uninstall Process: c:\program files\regcure\uninst.exe SUPPRIME O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM] -- {4FC9DA9D-F608-454E-8191-D7EFFDCC5726} SUPPRIME O42 - Logiciel: Foxit Toolbar - (.Ask.com.) [HKLM] -- Ask Toolbar_is1 SUPPRIME O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6} ========== Clé(s) du Registre ========== SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegCure] ABSENT Key: Service: SpyHunter 4 Service ABSENT Key: HKCU\Software\TG0PTF86JH ABSENT Key: Service Legacy: LEGACY_ESGIGUARD SUPPRIME Key: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A} SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1 ABSENT Key: HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f} ABSENT Key: HKLM\Software\Classes\CLSID\{08993a7c-e764-4172-9627-bfb5ea6897b2} ABSENT Key: HKLM\Software\Classes\CLSID\{128a6c66-ac6a-4617-8268-ab7f47b7215e} ABSENT Key: HKLM\Software\Classes\Interface\{4634804a-f0b0-4a74-a550-fc0eef8a4362} ABSENT Key: HKLM\Software\Classes\Interface\{4c07ea4f-5f52-4222-b170-4cd9ed33baea} ABSENT Key: HKLM\Software\Classes\CLSID\{571715d7-3395-4df0-b43c-784836209e60} ABSENT Key: HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf} ABSENT Key: HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b} ABSENT Key: HKLM\Software\Classes\Interface\{c44feff4-ef0c-4cf7-83d0-92b4266a32b9} ABSENT Key: HKLM\Software\Classes\TypeLib\{d2e5fa06-dcc7-46f9-beff-bfd06f69b9b2} ABSENT Key: HKLM\Software\Classes\Interface\{f131923c-381d-4e4c-a472-4a17118fd742} ABSENT Key: HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service ABSENT Key: CLSID BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} ABSENT Key: HKCU\Software\AppDataLow\AskBarDis ABSENT Key: HKCU\Software\AskBarDis SUPPRIME Key: HKLM\Software\AskBarDis ABSENT SearchScopes :{CF739809-1C6C-47C0-85B9-569DBB141420} ABSENT Key: HKLM\Software\Classes\askibar.popswatterbarbutton ABSENT Key: HKLM\Software\Classes\askibar.popswatterbarbutton.1 ABSENT Key: HKLM\Software\Classes\askibar.popswattersettingscontrol ABSENT Key: HKLM\Software\Classes\askibar.popswattersettingscontrol.1 ABSENT Key: HKLM\Software\Classes\asktoolbar.settingsplugin ABSENT Key: HKLM\Software\Classes\asktoolbar.settingsplugin.1 SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed} ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed} ABSENT Key: HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed} ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98} ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98} ABSENT Key: HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98} ABSENT Key: HKLM\Software\Classes\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150} ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cf739809-1c6c-47c0-85b9-569dbb141420} SUPPRIME Key: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{cf739809-1c6c-47c0-85b9-569dbb141420} ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1 ========== Valeur(s) du Registre ========== SUPPRIME IFC: [FEATURE_BROWSER_EMULATION] svchost.exe ABSENT IFC: [FEATURE_BROWSER_EMULATION] svchost.exe ABSENT Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} ABSENT [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{3041d03e-fd4b-44e0-b742-2d9b88305f98} ABSENT [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{3041d03e-fd4b-44e0-b742-2d9b88305f98} ========== Elément(s) de donnée du Registre ========== REMPLACE Value AntiVirusOverride : Good (0) - Bad (1) ========== Dossier(s) ========== ABSENT C:\Program Files\RegCure SUPPRIME Folder: c:\program files\enigma software group\spyhunter ABSENT C:\Program Files\AskBarDis SUPPRIME Temporaires Windows: : 7 ========== Fichier(s) ========== ABSENT Folder/File: c:\progra~1\enigma~1\spyhun~1\sh4ser~1.exe ABSENT File: c:\progra~1\enigma~1\spyhun~1\sh4ser~1.exe ABSENT File: c:\windows\tasks\regcure program check.job ABSENT File: c:\windows\tasks\regcure.job ABSENT Folder/File: c:\documents and settings\stephane\application data\mozilla\firefox\profiles\1gzqwcot.default\user.js (.not file.) SUPPRIME File: c:\documents and settings\all users\menu démarrer\programmes\favoris bluetooth.lnk ABSENT File: c:\program files\askbardis\bar\bin\askbar.dll ABSENT Folder/File: c:\program files\askbardis SUPPRIME Temporaires Windows: : 36 ========== Autre ========== NON TRAITE TOOLBAR INUTILE (Navigateur internet) ========== Récapitulatif ========== 41 : Clé(s) du Registre 5 : Valeur(s) du Registre 1 : Elément(s) de donnée du Registre 4 : Dossier(s) 9 : Fichier(s) 4 : Logiciel(s) 1 : Autre End of clean in 01mn 26s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 02/10/2011 16:28:28 [5673]

le voici 11:13:33.0781 3484 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43 11:13:33.0953 3484 ============================================================ 11:13:33.0953 3484 Current date / time: 2011/10/02 11:13:33.0953 11:13:33.0953 3484 SystemInfo: 11:13:33.0953 3484 11:13:33.0953 3484 OS Version: 5.1.2600 ServicePack: 3.0 11:13:33.0953 3484 Product type: Workstation 11:13:33.0953 3484 ComputerName: YOUR-57I8G5C8PD 11:13:33.0953 3484 UserName: Stephane 11:13:33.0953 3484 Windows directory: C:\WINDOWS 11:13:33.0953 3484 System windows directory: C:\WINDOWS 11:13:33.0953 3484 Processor architecture: Intel x86 11:13:33.0953 3484 Number of processors: 2 11:13:33.0953 3484 Page size: 0x1000 11:13:33.0953 3484 Boot type: Normal boot 11:13:33.0953 3484 ============================================================ 11:13:34.0843 3484 Initialize success 11:13:37.0703 2160 ============================================================ 11:13:37.0703 2160 Scan started 11:13:37.0703 2160 Mode: Manual; 11:13:37.0703 2160 ============================================================ 11:13:38.0828 2160 Abiosdsk - ok 11:13:38.0843 2160 abp480n5 - ok 11:13:38.0921 2160 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 11:13:38.0921 2160 ACPI - ok 11:13:38.0953 2160 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 11:13:38.0968 2160 ACPIEC - ok 11:13:38.0984 2160 adpu160m - ok 11:13:39.0031 2160 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 11:13:39.0078 2160 aec - ok 11:13:39.0187 2160 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys 11:13:39.0187 2160 AFD - ok 11:13:39.0218 2160 Aha154x - ok 11:13:39.0234 2160 aic78u2 - ok 11:13:39.0265 2160 aic78xx - ok 11:13:39.0312 2160 AliIde - ok 11:13:39.0421 2160 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys 11:13:39.0546 2160 Ambfilt - ok 11:13:39.0609 2160 amsint - ok 11:13:39.0718 2160 AR5416 (e0ee769d14128014965e03b433f5f46e) C:\WINDOWS\system32\DRIVERS\athw.sys 11:13:39.0750 2160 AR5416 - ok 11:13:39.0828 2160 asc - ok 11:13:39.0843 2160 asc3350p - ok 11:13:39.0859 2160 asc3550 - ok 11:13:39.0906 2160 AsusACPI (12415a4b61ded200fe9932b47a35fa42) C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys 11:13:39.0921 2160 AsusACPI - ok 11:13:39.0953 2160 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 11:13:39.0968 2160 AsyncMac - ok 11:13:40.0000 2160 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 11:13:40.0031 2160 atapi - ok 11:13:40.0125 2160 Atdisk - ok 11:13:40.0187 2160 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 11:13:40.0203 2160 Atmarpc - ok 11:13:40.0250 2160 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 11:13:40.0265 2160 audstub - ok 11:13:40.0359 2160 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys 11:13:40.0375 2160 avgio - ok 11:13:40.0437 2160 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\WINDOWS\system32\DRIVERS\avgntflt.sys 11:13:40.0453 2160 avgntflt - ok 11:13:40.0484 2160 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\WINDOWS\system32\DRIVERS\avipbb.sys 11:13:40.0515 2160 avipbb - ok 11:13:40.0578 2160 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 11:13:40.0593 2160 Beep - ok 11:13:40.0671 2160 btaudio (4b43dfe1c1fbb305a1dc5504ef9bb34e) C:\WINDOWS\system32\drivers\btaudio.sys 11:13:40.0718 2160 btaudio - ok 11:13:40.0812 2160 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys 11:13:40.0828 2160 BTDriver - ok 11:13:40.0937 2160 BTKRNL (70455baffc078b6152d1e52376296467) C:\WINDOWS\system32\DRIVERS\btkrnl.sys 11:13:40.0984 2160 BTKRNL - ok 11:13:41.0093 2160 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys 11:13:41.0125 2160 BTWDNDIS - ok 11:13:41.0156 2160 btwhid (949eca9c56f657c06d3166d51f3226c7) C:\WINDOWS\system32\DRIVERS\btwhid.sys 11:13:41.0171 2160 btwhid - ok 11:13:41.0187 2160 BTWUSB (2cfc2bd8785f82a42fcad83de1fa5a36) C:\WINDOWS\system32\Drivers\btwusb.sys 11:13:41.0218 2160 BTWUSB - ok 11:13:41.0343 2160 catchme - ok 11:13:41.0437 2160 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 11:13:41.0453 2160 cbidf2k - ok 11:13:41.0500 2160 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 11:13:41.0500 2160 CCDECODE - ok 11:13:41.0515 2160 cd20xrnt - ok 11:13:41.0562 2160 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 11:13:41.0578 2160 Cdaudio - ok 11:13:41.0640 2160 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 11:13:41.0656 2160 Cdfs - ok 11:13:41.0750 2160 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 11:13:41.0765 2160 Cdrom - ok 11:13:41.0781 2160 Changer - ok 11:13:41.0843 2160 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 11:13:41.0859 2160 CmBatt - ok 11:13:41.0859 2160 CmdIde - ok 11:13:41.0890 2160 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 11:13:41.0906 2160 Compbatt - ok 11:13:41.0921 2160 Cpqarray - ok 11:13:41.0953 2160 dac2w2k - ok 11:13:41.0968 2160 dac960nt - ok 11:13:42.0000 2160 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 11:13:42.0015 2160 Disk - ok 11:13:42.0093 2160 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys 11:13:42.0125 2160 dmboot - ok 11:13:42.0218 2160 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 11:13:42.0234 2160 dmio - ok 11:13:42.0265 2160 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 11:13:42.0281 2160 dmload - ok 11:13:42.0328 2160 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 11:13:42.0343 2160 DMusic - ok 11:13:42.0359 2160 dpti2o - ok 11:13:42.0390 2160 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 11:13:42.0390 2160 drmkaud - ok 11:13:42.0500 2160 ElbyCDFL (59c9e1336a4508f059827d638e924c62) C:\WINDOWS\system32\Drivers\ElbyCDFL.sys 11:13:42.0515 2160 ElbyCDFL - ok 11:13:42.0531 2160 ElbyCDIO (389823db299b350f2ee830d47376eeac) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys 11:13:42.0531 2160 ElbyCDIO - ok 11:13:42.0562 2160 ElbyVCD (c4143fc2f7d39a5a8b1cfe0bc4bd8a9e) C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys 11:13:42.0578 2160 ElbyVCD - ok 11:13:42.0703 2160 esgiguard (051a2e2a75adb6d1c5c27e940fdabcba) C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys 11:13:42.0703 2160 esgiguard - ok 11:13:42.0843 2160 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 11:13:42.0859 2160 Fastfat - ok 11:13:42.0906 2160 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 11:13:42.0921 2160 Fdc - ok 11:13:42.0953 2160 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 11:13:42.0953 2160 Fips - ok 11:13:42.0984 2160 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 11:13:43.0000 2160 Flpydisk - ok 11:13:43.0093 2160 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 11:13:43.0125 2160 FltMgr - ok 11:13:43.0171 2160 fssfltr (960f5e5e4e1f720465311ac68a99c2df) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys 11:13:43.0171 2160 fssfltr - ok 11:13:43.0218 2160 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 11:13:43.0234 2160 Fs_Rec - ok 11:13:43.0265 2160 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 11:13:43.0281 2160 Ftdisk - ok 11:13:43.0375 2160 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 11:13:43.0390 2160 Gpc - ok 11:13:43.0437 2160 GTUHSBUS (884199f75305f58038480f31e47604b7) C:\WINDOWS\system32\DRIVERS\gtuhsbus.sys 11:13:43.0453 2160 GTUHSBUS - ok 11:13:43.0484 2160 GTUHSNDISIPXP (26ea5eae39a48fc6667fcd35753dcfff) C:\WINDOWS\system32\DRIVERS\gtuhs51.sys 11:13:43.0500 2160 GTUHSNDISIPXP - ok 11:13:43.0531 2160 GTUHSSER (84f1e6dd27a401c7e69e277fd74aefde) C:\WINDOWS\system32\DRIVERS\gtuhsser.sys 11:13:43.0531 2160 GTUHSSER - ok 11:13:43.0640 2160 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 11:13:43.0640 2160 HDAudBus - ok 11:13:43.0703 2160 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 11:13:43.0718 2160 HidUsb - ok 11:13:43.0750 2160 hpn - ok 11:13:43.0796 2160 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 11:13:43.0812 2160 HTTP - ok 11:13:43.0875 2160 i2omgmt - ok 11:13:43.0890 2160 i2omp - ok 11:13:43.0937 2160 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 11:13:43.0953 2160 i8042prt - ok 11:13:44.0187 2160 ialm (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 11:13:44.0421 2160 ialm - ok 11:13:44.0546 2160 iaStor (8ef427c54497c5f8a7a645990e4278c7) C:\WINDOWS\system32\drivers\iaStor.sys 11:13:44.0546 2160 iaStor - ok 11:13:44.0593 2160 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 11:13:44.0609 2160 Imapi - ok 11:13:44.0625 2160 ini910u - ok 11:13:44.0843 2160 IntcAzAudAddService (afa6853aa949b5e151e4a10f6805b5b2) C:\WINDOWS\system32\drivers\RtkHDAud.sys 11:13:44.0984 2160 IntcAzAudAddService - ok 11:13:45.0062 2160 IntelIde - ok 11:13:45.0109 2160 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 11:13:45.0109 2160 intelppm - ok 11:13:45.0156 2160 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 11:13:45.0156 2160 Ip6Fw - ok 11:13:45.0187 2160 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 11:13:45.0203 2160 IpFilterDriver - ok 11:13:45.0218 2160 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 11:13:45.0218 2160 IpInIp - ok 11:13:45.0250 2160 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 11:13:45.0250 2160 IpNat - ok 11:13:45.0312 2160 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 11:13:45.0312 2160 IPSec - ok 11:13:45.0421 2160 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 11:13:45.0437 2160 IRENUM - ok 11:13:45.0484 2160 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 11:13:45.0484 2160 isapnp - ok 11:13:45.0546 2160 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 11:13:45.0562 2160 Kbdclass - ok 11:13:45.0640 2160 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 11:13:45.0656 2160 kmixer - ok 11:13:45.0703 2160 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 11:13:45.0703 2160 KSecDD - ok 11:13:45.0750 2160 L1c (6c8658587e91ea25b0fd2e71781ad228) C:\WINDOWS\system32\DRIVERS\l1c51x86.sys 11:13:45.0750 2160 L1c - ok 11:13:45.0781 2160 lbrtfdc - ok 11:13:45.0843 2160 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\WINDOWS\system32\drivers\mbam.sys 11:13:45.0843 2160 MBAMProtector - ok 11:13:45.0921 2160 MBAMSwissArmy - ok 11:13:45.0984 2160 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 11:13:45.0984 2160 mnmdd - ok 11:13:46.0046 2160 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 11:13:46.0046 2160 Modem - ok 11:13:46.0125 2160 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys 11:13:46.0187 2160 Monfilt - ok 11:13:46.0281 2160 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 11:13:46.0296 2160 Mouclass - ok 11:13:46.0343 2160 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 11:13:46.0343 2160 mouhid - ok 11:13:46.0390 2160 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 11:13:46.0406 2160 MountMgr - ok 11:13:46.0421 2160 mraid35x - ok 11:13:46.0453 2160 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 11:13:46.0484 2160 MRxDAV - ok 11:13:46.0578 2160 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 11:13:46.0593 2160 MRxSmb - ok 11:13:46.0671 2160 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 11:13:46.0687 2160 Msfs - ok 11:13:46.0718 2160 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 11:13:46.0734 2160 MSKSSRV - ok 11:13:46.0765 2160 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 11:13:46.0781 2160 MSPCLOCK - ok 11:13:46.0781 2160 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 11:13:46.0796 2160 MSPQM - ok 11:13:46.0828 2160 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 11:13:46.0843 2160 mssmbios - ok 11:13:46.0843 2160 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 11:13:46.0859 2160 MSTEE - ok 11:13:46.0906 2160 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 11:13:46.0906 2160 Mup - ok 11:13:46.0984 2160 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 11:13:47.0000 2160 NABTSFEC - ok 11:13:47.0031 2160 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 11:13:47.0062 2160 NDIS - ok 11:13:47.0109 2160 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 11:13:47.0109 2160 NdisIP - ok 11:13:47.0156 2160 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 11:13:47.0171 2160 NdisTapi - ok 11:13:47.0203 2160 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 11:13:47.0218 2160 Ndisuio - ok 11:13:47.0281 2160 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 11:13:47.0296 2160 NdisWan - ok 11:13:47.0343 2160 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 11:13:47.0343 2160 NDProxy - ok 11:13:47.0375 2160 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 11:13:47.0375 2160 NetBIOS - ok 11:13:47.0421 2160 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 11:13:47.0453 2160 NetBT - ok 11:13:47.0484 2160 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 11:13:47.0500 2160 Npfs - ok 11:13:47.0531 2160 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 11:13:47.0609 2160 Ntfs - ok 11:13:47.0703 2160 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 11:13:47.0703 2160 Null - ok 11:13:47.0750 2160 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 11:13:47.0750 2160 NwlnkFlt - ok 11:13:47.0765 2160 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 11:13:47.0781 2160 NwlnkFwd - ok 11:13:47.0828 2160 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys 11:13:47.0828 2160 Parport - ok 11:13:47.0921 2160 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 11:13:47.0921 2160 PartMgr - ok 11:13:47.0984 2160 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 11:13:47.0984 2160 ParVdm - ok 11:13:48.0031 2160 PCAMPR5 (b670c5d89f0726b7a2a7dfb4e968cdf8) C:\WINDOWS\system32\PCAMPR5.SYS 11:13:48.0031 2160 PCAMPR5 - ok 11:13:48.0093 2160 PCANDIS5 (ecd2f9d67b06606064daf6961a6d5efe) C:\WINDOWS\system32\PCANDIS5.SYS 11:13:48.0109 2160 PCANDIS5 - ok 11:13:48.0250 2160 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 11:13:48.0265 2160 PCI - ok 11:13:48.0281 2160 PCIDump - ok 11:13:48.0296 2160 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 11:13:48.0296 2160 PCIIde - ok 11:13:48.0343 2160 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys 11:13:48.0359 2160 Pcmcia - ok 11:13:48.0359 2160 PDCOMP - ok 11:13:48.0375 2160 PDFRAME - ok 11:13:48.0390 2160 PDRELI - ok 11:13:48.0406 2160 PDRFRAME - ok 11:13:48.0421 2160 perc2 - ok 11:13:48.0437 2160 perc2hib - ok 11:13:48.0515 2160 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 11:13:48.0531 2160 PptpMiniport - ok 11:13:48.0593 2160 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 11:13:48.0609 2160 PSched - ok 11:13:48.0640 2160 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 11:13:48.0656 2160 Ptilink - ok 11:13:48.0671 2160 ql1080 - ok 11:13:48.0687 2160 Ql10wnt - ok 11:13:48.0687 2160 ql12160 - ok 11:13:48.0703 2160 ql1240 - ok 11:13:48.0718 2160 ql1280 - ok 11:13:48.0750 2160 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 11:13:48.0750 2160 RasAcd - ok 11:13:48.0781 2160 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 11:13:48.0796 2160 Rasl2tp - ok 11:13:48.0828 2160 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 11:13:48.0843 2160 RasPppoe - ok 11:13:48.0859 2160 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 11:13:48.0875 2160 Raspti - ok 11:13:48.0968 2160 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 11:13:49.0000 2160 Rdbss - ok 11:13:49.0031 2160 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 11:13:49.0046 2160 RDPCDD - ok 11:13:49.0093 2160 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 11:13:49.0109 2160 RDPWD - ok 11:13:49.0218 2160 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 11:13:49.0218 2160 redbook - ok 11:13:49.0343 2160 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 11:13:49.0343 2160 SASDIFSV - ok 11:13:49.0359 2160 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 11:13:49.0375 2160 SASKUTIL - ok 11:13:49.0500 2160 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 11:13:49.0500 2160 Secdrv - ok 11:13:49.0546 2160 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys 11:13:49.0562 2160 Serial - ok 11:13:49.0609 2160 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 11:13:49.0609 2160 Sfloppy - ok 11:13:49.0640 2160 Simbad - ok 11:13:49.0671 2160 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 11:13:49.0687 2160 SLIP - ok 11:13:49.0703 2160 Sparrow - ok 11:13:49.0750 2160 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 11:13:49.0765 2160 splitter - ok 11:13:49.0890 2160 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 11:13:49.0906 2160 sr - ok 11:13:49.0953 2160 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 11:13:49.0968 2160 Srv - ok 11:13:50.0015 2160 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 11:13:50.0031 2160 ssmdrv - ok 11:13:50.0062 2160 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 11:13:50.0078 2160 streamip - ok 11:13:50.0140 2160 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 11:13:50.0140 2160 swenum - ok 11:13:50.0265 2160 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 11:13:50.0281 2160 swmidi - ok 11:13:50.0312 2160 symc810 - ok 11:13:50.0328 2160 symc8xx - ok 11:13:50.0343 2160 sym_hi - ok 11:13:50.0359 2160 sym_u3 - ok 11:13:50.0406 2160 SynTP (8e25a1dbb8527b2074af9b682f818768) C:\WINDOWS\system32\DRIVERS\SynTP.sys 11:13:50.0437 2160 SynTP - ok 11:13:50.0468 2160 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 11:13:50.0484 2160 sysaudio - ok 11:13:50.0531 2160 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 11:13:50.0546 2160 Tcpip - ok 11:13:50.0640 2160 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 11:13:50.0656 2160 TDPIPE - ok 11:13:50.0671 2160 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 11:13:50.0687 2160 TDTCP - ok 11:13:50.0718 2160 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 11:13:50.0734 2160 TermDD - ok 11:13:50.0765 2160 TosIde - ok 11:13:50.0890 2160 TrueSight (155b6cb5488f3194208012e7f9b8d888) C:\Documents and Settings\Stephane\Bureau\TrueSight.sys 11:13:50.0906 2160 TrueSight - ok 11:13:50.0984 2160 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 11:13:51.0000 2160 Udfs - ok 11:13:51.0015 2160 ultra - ok 11:13:51.0062 2160 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 11:13:51.0109 2160 Update - ok 11:13:51.0171 2160 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 11:13:51.0187 2160 usbccgp - ok 11:13:51.0218 2160 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 11:13:51.0234 2160 usbehci - ok 11:13:51.0312 2160 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 11:13:51.0328 2160 usbhub - ok 11:13:51.0359 2160 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 11:13:51.0375 2160 usbscan - ok 11:13:51.0421 2160 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 11:13:51.0437 2160 usbstor - ok 11:13:51.0453 2160 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 11:13:51.0468 2160 usbuhci - ok 11:13:51.0578 2160 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 11:13:51.0593 2160 usbvideo - ok 11:13:51.0656 2160 uvclf (c019889035cdc1a06f2febc93cbb6897) C:\WINDOWS\system32\DRIVERS\uvclf.sys 11:13:51.0671 2160 uvclf - ok 11:13:51.0718 2160 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 11:13:51.0734 2160 VgaSave - ok 11:13:51.0796 2160 ViaIde - ok 11:13:51.0859 2160 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 11:13:51.0875 2160 VolSnap - ok 11:13:51.0937 2160 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 11:13:51.0953 2160 Wanarp - ok 11:13:52.0031 2160 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys 11:13:52.0078 2160 Wdf01000 - ok 11:13:52.0156 2160 WDICA - ok 11:13:52.0218 2160 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 11:13:52.0234 2160 wdmaud - ok 11:13:52.0328 2160 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 11:13:52.0328 2160 WS2IFSL - ok 11:13:52.0359 2160 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 11:13:52.0375 2160 WSTCODEC - ok 11:13:52.0421 2160 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 11:13:52.0437 2160 WudfPf - ok 11:13:52.0515 2160 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 11:13:52.0531 2160 WudfRd - ok 11:13:52.0625 2160 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 11:13:52.0843 2160 \Device\Harddisk0\DR0 - ok 11:13:52.0859 2160 Boot (0x1200) (d6bd8c3d036f3ea4eadfffad1227fffa) \Device\Harddisk0\DR0\Partition0 11:13:52.0859 2160 \Device\Harddisk0\DR0\Partition0 - ok 11:13:52.0890 2160 Boot (0x1200) (23d9801df2bad941df900c69868db793) \Device\Harddisk0\DR0\Partition1 11:13:52.0890 2160 \Device\Harddisk0\DR0\Partition1 - ok 11:13:52.0890 2160 ============================================================ 11:13:52.0890 2160 Scan finished 11:13:52.0890 2160 ============================================================ 11:13:52.0906 1768 Detected object count: 0 11:13:52.0906 1768 Actual detected object count: 0

il est vierge

APRES SUPPRESSION Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Version de la base de données: 7840 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 01/10/2011 18:18:46 mbam-log-2011-10-01 (18-18-46).txt Type d'examen: Examen complet (C:\|D:\|F:\|H:\|) Elément(s) analysé(s): 284119 Temps écoulé: 41 minute(s), 27 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\TG0PTF86JH (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Value: 24d1ca9a-a864-4f7b-86fe-495eb56529d8 -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> Value: 7bde84a2-f58f-46ec-9eac-f1f90fead080 -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): h:\installation\flash\macromedia studio 8.0 - keygen.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Version de la base de données: 7840 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 01/10/2011 18:16:21 mbam-log-2011-10-01 (18-16-16).txt Type d'examen: Examen complet (C:\|D:\|F:\|H:\|) Elément(s) analysé(s): 284119 Temps écoulé: 41 minute(s), 27 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\TG0PTF86JH (Trojan.FakeAlert) -> No action taken. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Value: 24d1ca9a-a864-4f7b-86fe-495eb56529d8 -> No action taken. HKEY_CURRENT_USER\SOFTWARE\7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> Value: 7bde84a2-f58f-46ec-9eac-f1f90fead080 -> No action taken. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): h:\installation\flash\macromedia studio 8.0 - keygen.exe (Riskware.Tool.CK) -> No action taken.

RogueKiller V6.1.1 [28/09/2011] par Tigzy contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT) mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/35) Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode normal Utilisateur: Stephane [Droits d'admin] Mode: Recherche -- Date : 01/10/2011 17:00:31 Processus malicieux: 0 Entrees de registre: 1 [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND Fichiers / Dossiers particuliers: Driver: [LOADED] SSDT[257] : NtTerminateProcess @ 0x805D29E2 -> HOOKED (\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS @ 0xA5175640) Fichier HOSTS: 127.0.0.1 localhost 74.125.45.100 4-open-davinci.com 74.125.45.100 securitysoftwarepayments.com 74.125.45.100 privatesecuredpayments.com 74.125.45.100 secure.privatesecuredpayments.com 74.125.45.100 getantivirusplusnow.com 74.125.45.100 secure-plus-payments.com 74.125.45.100 www.getantivirusplusnow.com 74.125.45.100 www.secure-plus-payments.com 74.125.45.100 www.getavplusnow.com 74.125.45.100 safebrowsing-cache.google.com 74.125.45.100 www.securesoftwarebill.com 74.125.45.100 secure.paysecuresystem.com 74.125.45.100 paysoftbillsolution.com 74.125.45.100 protected.maxisoftwaremart.com 74.55.47.101 www.google.com 74.55.47.101 google.com 74.55.47.101 google.com.au 74.55.47.101 www.google.com.au 74.55.47.101 google.be [...] Termine : << RKreport[1].txt >> RKreport[1].txt MODE 2 RogueKiller V6.1.1 [28/09/2011] par Tigzy contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT) mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/35) Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode normal Utilisateur: Stephane [Droits d'admin] Mode: Suppression -- Date : 01/10/2011 17:02:34 Processus malicieux: 0 Entrees de registre: 1 [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) Fichiers / Dossiers particuliers: Driver: [LOADED] SSDT[257] : NtTerminateProcess @ 0x805D29E2 -> HOOKED (\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS @ 0xA5175640) Fichier HOSTS: 127.0.0.1 localhost 74.125.45.100 4-open-davinci.com 74.125.45.100 securitysoftwarepayments.com 74.125.45.100 privatesecuredpayments.com 74.125.45.100 secure.privatesecuredpayments.com 74.125.45.100 getantivirusplusnow.com 74.125.45.100 secure-plus-payments.com 74.125.45.100 www.getantivirusplusnow.com 74.125.45.100 www.secure-plus-payments.com 74.125.45.100 www.getavplusnow.com 74.125.45.100 safebrowsing-cache.google.com 74.125.45.100 www.securesoftwarebill.com 74.125.45.100 secure.paysecuresystem.com 74.125.45.100 paysoftbillsolution.com 74.125.45.100 protected.maxisoftwaremart.com 74.55.47.101 www.google.com 74.55.47.101 google.com 74.55.47.101 google.com.au 74.55.47.101 www.google.com.au 74.55.47.101 google.be [...] Termine : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt MODE 3 RogueKiller V6.1.1 [28/09/2011] par Tigzy contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT) mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/35) Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode normal Utilisateur: Stephane [Droits d'admin] Mode: HOSTS RAZ -- Date : 01/10/2011 17:03:39 Processus malicieux: 0 Driver: [LOADED] Fichier HOSTS: 127.0.0.1 localhost 74.125.45.100 4-open-davinci.com 74.125.45.100 securitysoftwarepayments.com 74.125.45.100 privatesecuredpayments.com 74.125.45.100 secure.privatesecuredpayments.com 74.125.45.100 getantivirusplusnow.com 74.125.45.100 secure-plus-payments.com 74.125.45.100 www.getantivirusplusnow.com 74.125.45.100 www.secure-plus-payments.com 74.125.45.100 www.getavplusnow.com 74.125.45.100 safebrowsing-cache.google.com 74.125.45.100 www.securesoftwarebill.com 74.125.45.100 secure.paysecuresystem.com 74.125.45.100 paysoftbillsolution.com 74.125.45.100 protected.maxisoftwaremart.com 74.55.47.101 www.google.com 74.55.47.101 google.com 74.55.47.101 google.com.au 74.55.47.101 www.google.com.au 74.55.47.101 google.be [...] Nouveau fichier HOSTS: 127.0.0.1 localhost Termine : << RKreport[3].txt >> RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

# AdwCleaner v1.309 - Rapport créé le 01/10/2011 à 16:50:39 # Mis à jour le 29/09/11 à 20h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : Stephane - YOUR-57I8G5C8PD (Administrateur) # Exécuté depuis : C:\Documents and Settings\Stephane\Mes documents\Téléchargements\adwcleaner0.exe # Option [suppression] ***** [KillNav] ***** # firefox.exe [PID:1248] -> Tué ***** [Processus] ***** ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** ***** [Navigateurs] ***** -\\ Internet Explorer v7.0.5730.13 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v6.0.1 (fr) Profil : 1gzqwcot.default Fichier : C:\Documents and Settings\Stephane\Application Data\Mozilla\Firefox\Profiles\1gzqwcot.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. -\\ Google Chrome v13.0.782.220 Fichier : C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1910 octets] - [01/10/2011 16:48:00] AdwCleaner[s1].txt - [2075 octets] - [01/10/2011 16:50:10] AdwCleaner[R2].txt - [1350 octets] - [01/10/2011 16:50:23] AdwCleaner[s2].txt - [1343 octets] - [01/10/2011 16:50:39] ************************* Dossier Temporaire : 0 dossier(s) et 0 fichier(s) supprimé(s) ########## EOF - C:\AdwCleaner[s2].txt - [1565 octets] ##########

# AdwCleaner v1.309 - Rapport créé le 01/10/2011 à 16:48:00 # Mis à jour le 29/09/11 à 20h par Xplode # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits) # Nom d'utilisateur : Stephane - YOUR-57I8G5C8PD (Administrateur) # Exécuté depuis : C:\Documents and Settings\Stephane\Mes documents\Téléchargements\adwcleaner0.exe # Option [Recherche] ***** [Processus] ***** ***** [services] ***** ***** [Fichiers / Dossiers] ***** Fichier Présent : C:\Program Files\Mozilla FireFox\Components\AskSearch.js ***** [Registre] ***** Clé Présente : HKLM\SOFTWARE\AskBarDis Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed} Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98} Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed} Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98} ***** [Navigateurs] ***** -\\ Internet Explorer v7.0.5730.13 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v6.0.1 (fr) Profil : 1gzqwcot.default Fichier : C:\Documents and Settings\Stephane\Application Data\Mozilla\Firefox\Profiles\1gzqwcot.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. -\\ Google Chrome v13.0.782.220 Fichier : C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1781 octets] - [01/10/2011 16:48:00] ########## EOF - C:\AdwCleaner[R1].txt - [1909 octets] ##########

Rapport de ZHPDiag v1.28.136 par Nicolas Coolman, Update du 29/09/2011 Run by Stephane at 01/10/2011 15:09:05 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v7.0.5730.13 MFIE: Mozilla Firefox 6.0.1 v6.0.1 (Defaut) GCIE: Google Chrome v13.0.782.220 ---\\ Windows Product Information Windows XP Home Edition Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ System Information ~ Processor: x86 Family 6 Model 28 Stepping 2, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1015 MB (47% free) System Restore: Activé (Enable) System drive C: has 28 GB (38%) free of 72 GB ---\\ Logged in mode ~ Computer Name: YOUR-57I8G5C8PD ~ User Name: Stephane ~ All Users Names: SUPPORT_388945a0, Stephane, HelpAssistant, ASPNET, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Documents and Settings\Stephane\Application Data\ ~ %Desktop% : C:\Documents and Settings\Stephane\Bureau\ ~ %Favorites% : C:\Documents and Settings\Stephane\Favoris\ ~ %LocalAppData% : C:\Documents and Settings\Stephane\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\Stephane\Menu Démarrer\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 28 Go of 72 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 71 Go of 72 Go) E:\ CD-ROM drive (Not Inserted) F:\ Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.1ED4120974B73A40863CD8D2221C162F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.01/10/2011 - 19:39:20.) -- C:\WINDOWS\system32\wininet.dll [832512] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.355556D9E580915118CD7EF736653A89] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.01/10/2011 - 14:22:48.) -- C:\WINDOWS\system32\drivers\AFD.sys [138496] 1868 [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.01/10/2011 - 14:06:15.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] 1788 [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Cdfs.sys [63744] 1804 [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Cdrom.sys [62976] 1780 [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Fips.sys [44672] 1852 [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\HDAudBus.sys [144384] 1940 [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.01/10/2011 - 18:00:54.) -- C:\WINDOWS\system32\drivers\i8042prt.sys [54144] 1852 [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Imapi.sys [42112] 1780 [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\IpNat.sys [152832] 1820 [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\IPSec.sys [75264] 1756 [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.01/10/2011 - 14:29:31.) -- C:\WINDOWS\system32\drivers\MRxSmb.sys [456320] 1844 [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\netBT.sys [162816] 1788 [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] 1788 [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Parport.sys [80384] 1852 [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Rasl2tp.sys [51328] 1876 [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.01/10/2011 - 10:32:52.) -- C:\WINDOWS\system32\drivers\rdpdr.sys [196224] 1828 [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.01/10/2011 - 19:57:36.) -- C:\WINDOWS\system32\drivers\redbook.sys [58752] 1892 [MD5.93D313C31F7AD9EA2B75F26075413C7C] - (.Microsoft Corporation - Pilote de périphérique série.) (.01/10/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\Serial.sys [66048] 1868 ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/2 ~ Mes musiques (My Musics) : 1/2 ~ Mes Favoris (My Favorites) : 1/32 ~ Mes Documents (My Documents) : 4/15 ~ Mon Bureau (My Desktop) : 1/1431 ~ Menu demarrer (Programs) : 6/29 ~ Scan Hidden Files in 00mn 03s ---\\ Processus lancés [MD5.82699E5EDE403F59FC4384D39EB77B52] - (.Enigma Software Group USA, LLC. - Service scanner interface.) -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [327064] [PID.] [MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.] [MD5.C0393EB99A6C72C6BEF9BFC4A72B33A6] - (.SUPERAntiSpyware.com - Core Service.) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608] [PID.] [MD5.1CF3866E09FFE13CF280D4DDFA9F7DCF] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.] [MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.] [MD5.E43F7709F36444681978F9DC067A976B] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [346720] [PID.] [MD5.4F0BED169FAB31EA094A649B0473B5C6] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [135168] [PID.3268] [MD5.8B0DE4B972DB725FB9D591E69CD236FB] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [159744] [PID.3352] [MD5.DDE609AC0ED5669DC40650DFE0E66C3E] - (.ASUS - AsScrPro.) -- C:\WINDOWS\AsScrPro.exe [3054136] [PID.3516] [MD5.0E3A2C02789E7DBBA9007844527D5872] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [17881600] [PID.3524] [MD5.F1E858C7523F3E95286549003A700EF7] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1512744] [PID.3540] [MD5.253CF4703D21BEC8A1AFCE35B8232ABC] - (.ASUSTeK Computer Inc. - Asus Eee PC ACPI Service.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [696320] [PID.3564] [MD5.91C2BA0431E84FD66766FB2352C82463] - (.ASUSTeK Computer Inc. - AsEPCMon.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe [98304] [PID.3572] [MD5.DD4DAD7294B7D29F1CE4D9B81540A998] - (.ASUSTeK Computer Inc. - Eee PC Tray Utility.) -- C:\Program Files\EeePC\ACPI\AsTray.exe [118784] [PID.3580] [MD5.3726751A8C2C57D1013F3C8D7AAE726C] - (.Intel Corporation - igfxext Module.) -- C:\WINDOWS\system32\igfxext.exe [163840] [PID.3656] [MD5.6E0B205042FC3AF5DE84F90F875AFFDA] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [249856] [PID.3680] [MD5.3B50055972861DA5D5625CAD1B11007E] - (.Elaborate Bytes AG - CloneCD Tray.) -- C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe [73728] [PID.3696] [MD5.3E0511382C9B1D9FE20AD760464DB4F9] - (.Anti-Trojan Network - Anti-Trojan Watch.) -- C:\Program Files\Anti-Trojan-55\ATWatch.exe [26624] [PID.3716] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.3740] [MD5.6DB4CC46B84D49F675D89BFB0A8CAFC3] - (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4603264] [PID.4052] [MD5.1D4E38336C554C955558D8B72892ACBF] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [604776] [PID.1000] [MD5.59D7814D3E12C0B46072EEF1DA003729] - (.ASUSTeK Computer Inc. - Eee Super Hybrid Engine.) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [376832] [PID.216] [MD5.9089100A22856513CBF35E18C552D53F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.1248] [MD5.A89788C5D2B246E9289489D3F156AD8C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.1648] [MD5.0411F7EE63AE48D2918AB4F2C79AB6C4] - (.Microsoft Corporation - Windows® installer.) -- C:\WINDOWS\system32\msiexec.exe [78848] [PID.] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.] [MD5.A6333BD6D9D42AE4E3A72E5EA5E7560F] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2125312] [PID.3732] [MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.] ~ Scan Processes Running in 00mn 02s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] Bing G0 - GCSP: Preference [user Data\Default][HomePage] Google ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\Stephane\Application Data\Mozilla\Firefox\Profiles\1gzqwcot.default\prefs.js C:\Documents and Settings\Stephane\Application Data\Mozilla\Firefox\Profiles\1gzqwcot.default\user.js (.not file.) M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [stephane] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [stephane - 1gzqwcot.default] Google P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8064.0206] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Unlimited music on demand, on your computer and mobile devices. No software to download R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation R0 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\Software\Microsoft\Internet Explorer\Main,Start Page = Unlimited music on demand, on your computer and mobile devices. No software to download R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing R1 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.17099 (vista_gdr.110617-1500)) -- C:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) O1 - Hosts: 74.125.45.100 4-open-davinci.com O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com O1 - Hosts: 74.125.45.100 privatesecuredpayments.com O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com O1 - Hosts: 74.125.45.100 getantivirusplusnow.com O1 - Hosts: 74.125.45.100 secure-plus-payments.com O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com O1 - Hosts: 74.125.45.100 www.getavplusnow.com O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com O1 - Hosts: 74.125.45.100 paysoftbillsolution.com O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com O1 - Hosts: 74.55.47.101 www.google.com O1 - Hosts: 74.55.47.101 google.com O1 - Hosts: 74.55.47.101 google.com.au O1 - Hosts: 74.55.47.101 www.google.com.au O1 - Hosts: 74.55.47.101 google.be O1 - Hosts: 74.55.47.101 www.google.be O1 - Hosts: 74.55.47.101 google.com.br O1 - Hosts: 74.55.47.101 www.google.com.br O1 - Hosts: 74.55.47.101 google.ca O1 - Hosts: 74.55.47.101 www.google.ca O1 - Hosts: 74.55.47.101 google.ch O1 - Hosts: 74.55.47.101 www.google.ch O1 - Hosts: 74.55.47.101 google.de O1 - Hosts: 74.55.47.101 www.google.de O1 - Hosts: 74.55.47.101 google.dk O1 - Hosts: 74.55.47.101 www.google.dk O1 - Hosts: 74.55.47.101 google.fr O1 - Hosts: 74.55.47.101 www.google.fr O1 - Hosts: 74.55.47.101 google.ie O1 - Hosts: 74.55.47.101 www.google.ie O1 - Hosts: 74.55.47.101 google.it O1 - Hosts: 74.55.47.101 www.google.it O1 - Hosts: 74.55.47.101 google.co.jp O1 - Hosts: 74.55.47.101 www.google.co.jp O1 - Hosts: 74.55.47.101 google.nl O1 - Hosts: 74.55.47.101 www.google.nl O1 - Hosts: 74.55.47.101 google.no O1 - Hosts: 74.55.47.101 www.google.no O1 - Hosts: 74.55.47.101 google.co.nz O1 - Hosts: 74.55.47.101 www.google.co.nz O1 - Hosts: 74.55.47.101 google.pl O1 - Hosts: 74.55.47.101 www.google.pl O1 - Hosts: 74.55.47.101 google.se O1 - Hosts: 74.55.47.101 www.google.se O1 - Hosts: 74.55.47.101 google.co.uk O1 - Hosts: 74.55.47.101 www.google.co.uk O1 - Hosts: 74.55.47.101 google.co.za O1 - Hosts: 74.55.47.101 www.google.co.za O1 - Hosts: 74.55.47.101 www.google-analytics.com O1 - Hosts: 74.55.47.101 www.bing.com O1 - Hosts: 74.55.47.101 search.yahoo.com O1 - Hosts: 74.55.47.101 www.search.yahoo.com O1 - Hosts: 74.55.47.101 uk.search.yahoo.com O1 - Hosts: 74.55.47.101 ca.search.yahoo.com O1 - Hosts: 74.55.47.101 de.search.yahoo.com O1 - Hosts: 74.55.47.101 fr.search.yahoo.com O1 - Hosts: 74.55.47.101 au. ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} . (.Ask.com - Ask.com Toolbar.) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} . (.Ask.com - Ask.com Toolbar.) -- C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll" O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [ASUS Screen Saver Protector] . (.ASUS - AsScrPro.) -- C:\WINDOWS\AsScrPro.exe O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [synAsusAcpi] . (.Synaptics Incorporated - Asus Custom Acpi Monitor Application.) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe O4 - HKLM\..\Run: [AsusACPIServer] . (.ASUSTeK Computer Inc. - Asus Eee PC ACPI Service.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe O4 - HKLM\..\Run: [AsusEPCMonitor] . (.ASUSTeK Computer Inc. - AsEPCMon.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe O4 - HKLM\..\Run: [AsusTray] . (.ASUSTeK Computer Inc. - Eee PC Tray Utility.) -- C:\Program Files\EeePC\ACPI\AsTray.exe O4 - HKLM\..\Run: [CloneCDElbyCDFL] . (.Elaborate Bytes AG - ElbyCheck.) -- C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe O4 - HKLM\..\Run: [CloneCDTray] . (.Elaborate Bytes AG - CloneCD Tray.) -- C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe O4 - HKLM\..\Run: [bEWINTERNET-FR-DMGP-V2SessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe O4 - HKLM\..\Run: [Anti-Trojan-Watch] . (.Anti-Trojan Network - Anti-Trojan Watch.) -- C:\Program Files\Anti-Trojan-55\ATWatch.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\..\Run: [sUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-3330890289-3585157530-1149903320-1006\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Update\GoogleUpdate.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Favoris Bluetooth.lnk - Clé orpheline O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Visionneuse Microsoft Office PowerPoint 2007.lnk . (...) -- C:\WINDOWS\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: C:\Documents And Settings\Stephane\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\Stephane\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\Stephane\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: C:\Documents And Settings\Stephane\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.exe O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~4\OFFICE11\REFBARH.ICO O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{7D140E2A-B1D5-447B-A352-5E533DE4A889}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{7D140E2A-B1D5-447B-A352-5E533DE4A889}: DhcpNameServer = 192.168.1.254 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 01s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Scan Winlogon in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3330890289-3585157530-1149903320-1006Core.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3330890289-3585157530-1149903320-1006UA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RegCure Program Check.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RegCure.job ~ Scan Scheduled Task in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: ASUSUpdate for Eee PC - (.Pas de propriétaire.) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Anti-Trojan 5.5 - (.Anti-Trojan Network.) [HKLM] -- Anti-Trojan 5.5_is1 O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} O42 - Logiciel: Asus ACPI Driver - (.AsusTek Computer.) [HKLM] -- {19F5658D-92E8-4A08-8657-D38ABB1574B2} O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {16D0F2D2-242C-4885-BEF1-4B1655C141AE} O42 - Logiciel: Card Detector for Option Icon 515 - (.Pas de propriétaire.) [HKLM] -- CardDetectorICON515 O42 - Logiciel: Choice Guard - (.Microsoft Corporation.) [HKLM] -- {8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} O42 - Logiciel: CloneCD - (.Elaborate Bytes.) [HKLM] -- CloneCD O42 - Logiciel: ESET Online Scanner v3 - (.Pas de propriétaire.) [HKLM] -- ESET Online Scanner O42 - Logiciel: Eee PC_1008HA Screen Saver - (.Pas de propriétaire.) [HKLM] -- Eee PC_1008HA O42 - Logiciel: Eee Storage 1.2.17.333 - (.ECAREME.) [HKLM] -- Eee Storage O42 - Logiciel: FRANCE PROSPECT Email 120 - (.FRANCEPROSPECT.) [HKLM] -- {CBB4ED66-9C21-4DDF-A6D0-162081570A73} O42 - Logiciel: Foxit Reader - (.Pas de propriétaire.) [HKLM] -- Foxit Reader O42 - Logiciel: Foxit Toolbar - (.Ask.com.) [HKLM] -- Ask Toolbar_is1 O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {44E54A81-9D91-4AA1-9417-80AFF134F5FF} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {7370DF47-B4F9-4279-BFC3-3F09919F720D} O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI O42 - Logiciel: Internet Everywhere - (.Pas de propriétaire.) [HKLM] -- {BEWINTERNET-FR-DMGP-V2}.UninstallSuite O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MagicPDF 2.01 - (.Magic Document Solutions Inc..) [HKLM] -- MagicPDF_is1 O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM] -- Wdf01007 O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710} O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Mozilla Firefox 6.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.1 (x86 fr) O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: RegCure - (.ParetoLogic, Inc..) [HKLM] -- RegCure O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6} O42 - Logiciel: Skype™ 5.0 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8} O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM] -- {4FC9DA9D-F608-454E-8191-D7EFFDCC5726} O42 - Logiciel: Super Hybrid Engine - (.ASUS.) [HKLM] -- {88F08F98-12BC-4613-81A2-8F9B88CFC73E} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: USB2.0 UVC Camera Device - (.UVCPCC.) [HKLM] -- {3FB39BED-37C8-4E60-8E02-315B8C2B07E3} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VLC media player 1.0.2 - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: WIDCOMM Bluetooth Software - (.WIDCOMM, Inc..) [HKLM] -- {84814E6B-2581-46EC-926A-823BD1C670F6} O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7 O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52} O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {D6A2DDE3-9D7C-412C-932A-756580D29919} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {63DC2DA0-2A6C-4C38-9249-B75395458657} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {059C042E-796A-4ACC-A81A-ECC2010BB78C} O42 - Logiciel: Windows Live Sync - (.Microsoft Corporation.) [HKLM] -- {9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {2231CE39-B963-4B9D-823A-F412ECA637B1} O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 ---\\ HKCU & HKLM Software Keys [HKCU\Software\AppDataLow\AskBarDis] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\AskBarDis] [HKCU\Software\Asus] [HKCU\Software\Avira] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\ECAREME] [HKCU\Software\ESET] [HKCU\Software\Elaborate Bytes] [HKCU\Software\Foxit Software] [HKCU\Software\Google] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\SUPERAntiSpyware.com] [HKCU\Software\SkypeApps] [HKCU\Software\Skype] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\TG0PTF86JH] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Wget] [HKCU\Software\Widcomm] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKLM\Software\Adobe] [HKLM\Software\AskBarDis] [HKLM\Software\AsusTek Computer] [HKLM\Software\Asus] [HKLM\Software\Atheros Communications Inc.] [HKLM\Software\Atheros] [HKLM\Software\Avira] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\Digital River] [HKLM\Software\ECAREME] [HKLM\Software\Elaborate Bytes] [HKLM\Software\EnigmaSoftwareGroup] [HKLM\Software\Eset] [HKLM\Software\FRANCE TELECOM] [HKLM\Software\Foxit Software] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Mirabilis] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Ralink] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\Schlumberger] [HKLM\Software\Secure] [HKLM\Software\Skype] [HKLM\Software\Swearware] [HKLM\Software\Synaptics] [HKLM\Software\UVCPCC] [HKLM\Software\VideoLAN] [HKLM\Software\Widcomm] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\X-AVCSD] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 01/10/2011 - 14:01:28 - [2787328] ----D- C:\Program Files\Anti-Trojan-55 O43 - CFD: 02/08/2009 - 18:32:12 - [1333012] ----D- C:\Program Files\AskBarDis O43 - CFD: 28/06/2009 - 22:51:54 - [4729714] ----D- C:\Program Files\ASUS O43 - CFD: 23/04/2009 - 15:46:12 - [4150] ----D- C:\Program Files\Atheros O43 - CFD: 18/08/2011 - 18:22:24 - [136931215] ----D- C:\Program Files\Avira O43 - CFD: 20/07/2010 - 22:02:16 - [33240840] ----D- C:\Program Files\CardDetector O43 - CFD: 16/07/2010 - 23:07:28 - [7951928] ----D- C:\Program Files\CardDetector(2) O43 - CFD: 23/04/2009 - 16:05:24 - [10755089] ----D- C:\Program Files\Eee Storage O43 - CFD: 28/06/2009 - 22:51:28 - [3885442] ----D- C:\Program Files\EeePC O43 - CFD: 27/07/2009 - 18:41:08 - [5315898] ----D- C:\Program Files\Elaborate Bytes O43 - CFD: 22/07/2010 - 13:11:28 - [29188751] ----D- C:\Program Files\Enigma Software Group O43 - CFD: 18/08/2011 - 17:29:12 - [18323031] ----D- C:\Program Files\ESET O43 - CFD: 18/08/2011 - 13:51:46 - [590147698] ----D- C:\Program Files\Fichiers communs O43 - CFD: 29/07/2009 - 12:28:54 - [6927027] ----D- C:\Program Files\Foxit Software O43 - CFD: 12/11/2009 - 10:38:38 - [1072140066] ----D- C:\Program Files\FRANCEPROSPECT O43 - CFD: 30/11/2010 - 22:55:22 - [19915838] ----D- C:\Program Files\Google O43 - CFD: 28/06/2009 - 22:51:54 - [37983645] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 23/04/2009 - 15:44:44 - [64737] ----D- C:\Program Files\Intel O43 - CFD: 14/08/2011 - 12:02:20 - [2806491] ----D- C:\Program Files\Internet Explorer O43 - CFD: 29/07/2009 - 12:42:08 - [1259087] ----D- C:\Program Files\MagicPDF O43 - CFD: 18/08/2011 - 16:53:46 - [7042908] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 23/04/2009 - 15:36:54 - [2152579] ----D- C:\Program Files\Messenger O43 - CFD: 22/08/2011 - 22:57:14 - [21015069] ----D- C:\Program Files\Microsoft O43 - CFD: 16/04/2009 - 13:13:38 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 13/08/2011 - 22:29:10 - [187189865] ----D- C:\Program Files\Microsoft Office O43 - CFD: 23/04/2009 - 16:10:32 - [7688379] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant O43 - CFD: 23/04/2009 - 15:49:48 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 23/04/2009 - 15:58:08 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework O43 - CFD: 12/01/2011 - 15:39:42 - [144677302] ----D- C:\Program Files\Microsoft Works O43 - CFD: 29/07/2009 - 12:15:32 - [131072] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 11/08/2010 - 23:24:58 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 01/10/2011 - 14:24:54 - [35669311] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 05/09/2009 - 17:12:42 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 16/04/2009 - 13:10:40 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 16/04/2009 - 13:11:42 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 23/04/2009 - 16:02:48 - [109056808] ----D- C:\Program Files\Norton Internet Security O43 - CFD: 16/07/2010 - 23:21:52 - [101733051] ----D- C:\Program Files\Orange O43 - CFD: 18/12/2010 - 09:58:52 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 28/06/2009 - 22:47:56 - [62827892] ----D- C:\Program Files\Realtek O43 - CFD: 05/09/2009 - 17:12:32 - [36400897] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 18/08/2011 - 18:15:34 - [15238454] ----D- C:\Program Files\RegCure O43 - CFD: 16/04/2009 - 13:11:54 - [1025] ----D- C:\Program Files\Services en ligne O43 - CFD: 30/11/2010 - 22:54:22 - [28205147] R---D- C:\Program Files\Skype O43 - CFD: 20/08/2011 - 08:52:02 - [39057312] ----D- C:\Program Files\SUPERAntiSpyware O43 - CFD: 28/06/2009 - 22:49:24 - [26611885] ----D- C:\Program Files\Synaptics O43 - CFD: 16/04/2009 - 13:16:52 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 23/04/2009 - 15:47:18 - [231249] ----D- C:\Program Files\USB2.0 UVC Camera Device O43 - CFD: 17/10/2009 - 12:28:32 - [76927915] ----D- C:\Program Files\VideoLAN O43 - CFD: 23/04/2009 - 15:47:30 - [7914129] ----D- C:\Program Files\WIDCOMM O43 - CFD: 22/08/2011 - 22:58:18 - [138963694] ----D- C:\Program Files\Windows Live O43 - CFD: 23/04/2009 - 15:56:20 - [245112] ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 23/04/2009 - 16:04:50 - [3581070] ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD: 23/04/2009 - 16:05:14 - [8265243] ----D- C:\Program Files\Windows Media Player O43 - CFD: 16/04/2009 - 13:10:38 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 16/04/2009 - 13:11:56 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 29/07/2009 - 12:23:56 - [2973605] ----D- C:\Program Files\WinRAR O43 - CFD: 16/04/2009 - 13:13:38 - [0] ----D- C:\Program Files\xerox O43 - CFD: 01/10/2011 - 15:09:14 - [6399179] ----D- C:\Program Files\ZHPDiag O43 - CFD: 29/07/2009 - 11:54:44 - [0] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 29/07/2009 - 12:15:50 - [86016] ----D- C:\Program Files\Fichiers Communs\DESIGNER O43 - CFD: 16/07/2010 - 23:07:34 - [11275150] ----D- C:\Program Files\Fichiers Communs\France Telecom O43 - CFD: 28/06/2009 - 22:51:46 - [6678029] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 18/08/2011 - 12:31:12 - [166450672] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 16/04/2009 - 13:11:40 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 16/04/2009 - 15:07:48 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 16/04/2009 - 13:11:42 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 30/11/2010 - 22:54:22 - [2164104] ----D- C:\Program Files\Fichiers Communs\Skype O43 - CFD: 16/04/2009 - 15:07:44 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 29/07/2009 - 12:15:34 - [20325447] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 23/04/2009 - 15:53:56 - [346094481] ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 22/07/2010 - 13:10:54 - [32994304] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard O43 - CFD: 27/07/2009 - 18:58:38 - [1595230] ----D- C:\Documents and Settings\Stephane\Application Data\Adobe O43 - CFD: 03/09/2011 - 18:53:00 - [0] ----D- C:\Documents and Settings\Stephane\Application Data\Avira O43 - CFD: 29/07/2009 - 12:28:54 - [34100] ----D- C:\Documents and Settings\Stephane\Application Data\Foxit O43 - CFD: 30/11/2010 - 22:58:28 - [8500] ----D- C:\Documents and Settings\Stephane\Application Data\Google O43 - CFD: 16/04/2009 - 13:16:54 - [0] ----D- C:\Documents and Settings\Stephane\Application Data\Identities O43 - CFD: 23/04/2009 - 15:46:08 - [0] ----D- C:\Documents and Settings\Stephane\Application Data\InstallShield O43 - CFD: 27/07/2009 - 18:36:20 - [32720] ----D- C:\Documents and Settings\Stephane\Application Data\Macromedia O43 - CFD: 25/07/2010 - 15:18:20 - [15161] ----D- C:\Documents and Settings\Stephane\Application Data\Malwarebytes O43 - CFD: 18/08/2011 - 12:32:14 - [3948843] -S--D- C:\Documents and Settings\Stephane\Application Data\Microsoft O43 - CFD: 18/08/2011 - 12:54:30 - [15270757] ----D- C:\Documents and Settings\Stephane\Application Data\Mozilla O43 - CFD: 05/12/2010 - 11:15:10 - [2387700] ----D- C:\Documents and Settings\Stephane\Application Data\Skype O43 - CFD: 05/12/2010 - 10:49:06 - [8120] ----D- C:\Documents and Settings\Stephane\Application Data\skypePM O43 - CFD: 25/07/2010 - 14:45:30 - [52506205] ----D- C:\Documents and Settings\Stephane\Application Data\SUPERAntiSpyware.com O43 - CFD: 19/08/2011 - 01:13:28 - [748158] ----D- C:\Documents and Settings\Stephane\Application Data\vlc O43 - CFD: 29/07/2009 - 11:54:38 - [15185] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Adobe O43 - CFD: 23/04/2009 - 16:05:20 - [8913] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\ApplicationHistory O43 - CFD: 11/08/2010 - 14:11:26 - [0] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Deployment O43 - CFD: 13/08/2011 - 22:32:46 - [453455092] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google O43 - CFD: 27/07/2009 - 18:37:24 - [80146612] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Identities O43 - CFD: 26/08/2011 - 10:09:42 - [4313722674] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Microsoft O43 - CFD: 23/04/2009 - 16:06:06 - [0] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Microsoft Help O43 - CFD: 18/08/2011 - 12:50:10 - [217951230] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Mozilla O43 - CFD: 14/08/2011 - 12:16:48 - [0] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Temp O43 - CFD: 20/07/2010 - 22:02:40 - [0] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\Threat Expert O43 - CFD: 28/07/2009 - 00:24:24 - [0] ----D- C:\Documents and Settings\Stephane\Local Settings\Application Data\WMTools Downloaded Files ~ Scan Program Folder in 00mn 18s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.C661CF5379C551AFF6C8B8790B0B74F8] - 01/10/2011 - 13:21:24 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32490] O44 - LFC:[MD5.63ACA7B9B649EA94B1E09739A9997D6C] - 01/10/2011 - 13:05:08 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [105526] O44 - LFC:[MD5.9FC74A8280C2A45B9319730AC0DEDB08] - 01/10/2011 - 13:05:08 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [480620] O44 - LFC:[MD5.135F3CA51B94FF739AC5AE4127B19553] - 01/10/2011 - 13:05:08 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [555194] O44 - LFC:[MD5.D7894AA7A386763EF314469A7A681E79] - 01/10/2011 - 13:05:07 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [1243348] O44 - LFC:[MD5.1E8465FB7F12835013D7691F19036BB1] - 01/10/2011 - 13:05:07 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [88180] O44 - LFC:[MD5.EEBACD996A2059BAE2181BB60673B938] - 01/10/2011 - 13:02:40 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [404640] O44 - LFC:[MD5.1D41FD9094FA00F6589BF63D5AF8DC9C] - 01/10/2011 - 13:02:26 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1057332] O44 - LFC:[MD5.DB54A60950F7AE98CA49797D533D169E] - 01/10/2011 - 13:00:48 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [1158] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/10/2011 - 13:00:30 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.2539537807DB4C31BBF3674C6EF73D10] - 01/10/2011 - 13:00:06 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.A4F8D5BC34C5433A0EFFE77783D8C366] - 01/10/2011 - 13:00:05 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 01/10/2011 - 12:59:52 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.21CD61B66955C08339D2E4739084658E] - 01/10/2011 - 12:57:27 ---A- . (...) -- C:\WINDOWS\comsetup.log [510365] O44 - LFC:[MD5.033351DC6B42460C3CBD8C486A75B8F6] - 01/10/2011 - 12:57:27 ---A- . (...) -- C:\WINDOWS\iis6.log [238646] O44 - LFC:[MD5.491C5EF13D9541523B7EE46EAF202F03] - 01/10/2011 - 12:57:27 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [307042] O44 - LFC:[MD5.5214C59CD08B68862F608E4EA6C510A0] - 01/10/2011 - 12:57:26 ---A- . (...) -- C:\WINDOWS\KB2607712.log [13304] O44 - LFC:[MD5.63CAD1D8118B5CC28B618CE8D4560C1D] - 01/10/2011 - 12:57:26 ---A- . (...) -- C:\WINDOWS\imsins.log [1374] O44 - LFC:[MD5.208C15ED71113E05AE7B3D41A41F6E4A] - 01/10/2011 - 12:57:26 ---A- . (...) -- C:\WINDOWS\ocmsn.log [82921] O44 - LFC:[MD5.50F84AD0B29AABBE012059BE82B79F2B] - 01/10/2011 - 12:57:26 ---A- . (...) -- C:\WINDOWS\tsoc.log [578313] O44 - LFC:[MD5.534AD4DF2AD6B9207D3B1C51E3BC5D18] - 01/10/2011 - 12:57:24 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1495452] O44 - LFC:[MD5.DDE6A5A9A3C40F00F4AEFF310B83DD0A] - 01/10/2011 - 12:57:24 ---A- . (...) -- C:\WINDOWS\msgsocm.log [75031] O44 - LFC:[MD5.84A2CDA84AD6EA6CC0D332D551786CFF] - 01/10/2011 - 12:57:24 ---A- . (...) -- C:\WINDOWS\ocgen.log [724165] O44 - LFC:[MD5.F2B2E5E035ADA71CE02DC542F5E3082F] - 01/10/2011 - 12:57:24 ---A- . (...) -- C:\WINDOWS\setupapi.log [523437] O44 - LFC:[MD5.9E8BE4BA99FF4A796A9E5A754827BEE6] - 01/10/2011 - 12:57:14 ---A- . (...) -- C:\WINDOWS\updspapi.log [173957] ~ Scan Files in 01mn 02s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe O47 - AAKE:Key Export SP - "C:\Program Files\VideoLAN\VLC\vlc.exe" [Enabled] .(...) -- C:\Program Files\VideoLAN\VLC\vlc.exe O47 - AAKE:Key Export SP - "C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\IEWInternet\Connectivity\ConnectivityManager.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O47 - AAKE:Key Export SP - "C:\Program Files\Anti-Trojan-55\Anti-Trojan.exe" [Enabled] .(.Anti-Trojan - Anti-Trojan 5.5 Professional.) -- C:\Program Files\Anti-Trojan-55\Anti-Trojan.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe ~ Scan Keys in 00mn 03s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - WDF Dynamic.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - WDF Dynamic.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys ~ Scan CSB in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\MsnMsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\MsnMsgr.exe ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.F6AF59D6EEE5E1C304F7F73706AD11D8] - 01/10/2011 - 13:10:12 ---A- . (.Creative - Creative WDM 3D Audio Driver.) -- C:\WINDOWS\system32\drivers\Ambfilt.sys [1684736] O58 - SDL:[MD5.12415A4B61DED200FE9932B47A35FA42] - 01/10/2011 - 14:59:28 ---A- . (.ASUSTeK Computer Inc. - ASUS ACPI Device Driver.) -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS [10752] O58 - SDL:[MD5.E0EE769D14128014965E03B433F5F46E] - 01/10/2011 - 22:05:26 ---A- . (.Atheros Communications, Inc. - Driver for Atheros AR5008 Wireless Network Adapter.) -- C:\WINDOWS\system32\drivers\athw.sys [1528928] O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 01/10/2011 - 14:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys [45416] O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 01/10/2011 - 07:50:43 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys [61960] O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 01/10/2011 - 14:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys [22360] O58 - SDL:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 01/10/2011 - 07:50:43 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys [137656] O58 - SDL:[MD5.4B43DFE1C1FBB305A1DC5504EF9BB34E] - 01/10/2011 - 04:46:12 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\WINDOWS\system32\drivers\btaudio.sys [534568] O58 - SDL:[MD5.70455BAFFC078B6152D1E52376296467] - 01/10/2011 - 15:16:36 ---A- . (.Broadcom Corporation. - Bluetooth Bus Enumerator.) -- C:\WINDOWS\system32\drivers\btkrnl.sys [991656] O58 - SDL:[MD5.2F9F111D31AA3FBBE5781D829A4524E6] - 01/10/2011 - 10:57:44 ---A- . (.Broadcom Corporation. - Bluetooth BTPORT Driver for Windows 2000.) -- C:\WINDOWS\system32\drivers\btport.sys [37160] O58 - SDL:[MD5.485020A1E1FC5C51A800CA69C618D881] - 01/10/2011 - 10:37:10 ---A- . (.Broadcom Corporation. - Bluetooth LAN Access Server Driver.) -- C:\WINDOWS\system32\drivers\btwdndis.sys [156816] O58 - SDL:[MD5.949ECA9C56F657C06D3166D51F3226C7] - 01/10/2011 - 11:18:42 ---A- . (.Broadcom Corporation. - Bluetooth Virtual HID Minidriver.) -- C:\WINDOWS\system32\drivers\btwhid.sys [57384] O58 - SDL:[MD5.C21362BB5A22CE4B40A7B475254F858C] - 01/10/2011 - 07:14:24 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth IT Manager Filter.) -- C:\WINDOWS\system32\drivers\btwsecfl.sys [89896] O58 - SDL:[MD5.2CFC2BD8785F82A42FCAD83DE1FA5A36] - 01/10/2011 - 15:16:28 ---A- . (.Broadcom Corporation. - Driver for Bluetooth USB Devices.) -- C:\WINDOWS\system32\drivers\btwusb.sys [47272] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 01/10/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 01/10/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.59C9E1336A4508F059827D638E924C62] - 01/10/2011 - 15:18:04 ---A- . (.Elaborate Bytes AG - ElbyCDIO Filter Driver.) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys [15360] O58 - SDL:[MD5.389823DB299B350F2EE830D47376EEAC] - 01/10/2011 - 12:38:16 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys [16320] O58 - SDL:[MD5.C4143FC2F7D39A5A8B1CFE0BC4BD8A9E] - 01/10/2011 - 11:43:49 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\drivers\ElbyVCD.sys [22016] O58 - SDL:[MD5.26EA5EAE39A48FC6667FCD35753DCFFF] - 01/10/2011 - 17:35:46 R--A- . (.Option N.V. - NDIS driver.) -- C:\WINDOWS\system32\drivers\gtuhs51.sys [107520] O58 - SDL:[MD5.884199F75305F58038480F31E47604B7] - 01/10/2011 - 17:35:46 R--A- . (.Option N.V. - Pas de description.) -- C:\WINDOWS\system32\drivers\gtuhsbus.sys [66560] O58 - SDL:[MD5.84F1E6DD27A401C7E69E277FD74AEFDE] - 01/10/2011 - 17:35:46 R--A- . (.Option N.V. - Pas de description.) -- C:\WINDOWS\system32\drivers\gtuhsser.sys [8064] O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 01/10/2011 - 13:00:00 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384] O58 - SDL:[MD5.8EF427C54497C5F8A7A645990E4278C7] - 01/10/2011 - 06:32:56 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\WINDOWS\system32\drivers\iaStor.sys [327192] O58 - SDL:[MD5.0F68E2EC713F132FFB19E45415B09679] - 01/10/2011 - 16:32:12 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\igxpmp32.sys [5854688] O58 - SDL:[MD5.6C8658587E91EA25B0FD2E71781AD228] - 01/10/2011 - 06:03:48 ---A- . (.Atheros Communications, Inc. - Atheros AR8131/AR8132 PCI-E Ethernet Controller ndis miniport d.) -- C:\WINDOWS\system32\drivers\l1c51x86.sys [38912] O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 01/10/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 01/10/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272] O58 - SDL:[MD5.9FA7207D1B1ADEAD88AE8EED9CDBBAA5] - 01/10/2011 - 08:41:48 ---A- . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- C:\WINDOWS\system32\drivers\Monfilt.sys [1389056] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 01/10/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 01/10/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 01/10/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 01/10/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.AFA6853AA949B5E151E4A10F6805B5B2] - 01/10/2011 - 10:18:54 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [5080064] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 01/10/2011 - 13:00:00 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 01/10/2011 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.8E25A1DBB8527B2074AF9B682F818768] - 01/10/2011 - 14:14:28 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys [208816] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 01/10/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.C019889035CDC1A06F2FEBC93CBB6897] - 01/10/2011 - 02:21:28 ---A- . (.GenesysLogic Technologies, Inc. - uvclf.sys.) -- C:\WINDOWS\system32\drivers\uvclf.sys [39040] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 01/10/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.E0EE769D14128014965E03B433F5F46E] - 01/10/2011 - 22:05:26 ---A- . (.Atheros Communications, Inc. - Driver for Atheros AR5008 Wireless Network Adapter.) -- C:\WINDOWS\system32\athw.sys [1528928] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 01/10/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] O58 - SDL:[MD5.B670C5D89F0726B7A2A7DFB4E968CDF8] - 01/10/2011 - 03:52:54 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\system32\pcampr5.sys [34688] O58 - SDL:[MD5.ECD2F9D67B06606064DAF6961A6D5EFE] - 01/10/2011 - 03:52:54 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\pcandis5.sys [32128] ~ Scan Drivers in 00mn 02s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 20/08/2011 - C:\Program Files\SUPERAntiSpyware\SASCORE.exe - SAS Core Service(!SASCORE) .(.SUPERAntiSpyware.com - Core Service.) - LEGACY_!SASCORE O64 - Services: CurCS - 20/08/2011 - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur(AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE O64 - Services: CurCS - 20/08/2011 - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard(AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - 17/06/2010 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - 20/08/2011 - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 20/08/2011 - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 02/09/2008 - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe - Bluetooth Service(btwdins) .(.Broadcom Corporation. - Bluetooth Support Server.) - LEGACY_BTWDINS O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\Stephane\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 29/11/2002 - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver(ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO O64 - Services: CurCS - 27/01/2010 - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys - esgiguard (esgiguard) .(...) - LEGACY_ESGIGUARD O64 - Services: CurCS - 30/11/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE O64 - Services: CurCS - 30/11/2010 - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater(gusvc) .(.Google - gusvc.) - LEGACY_GUSVC O64 - Services: CurCS - 20/02/2008 - C:\WINDOWS\system32\PCAMPR5.sys - PCAMPR5 NDIS Protocol Driver(PCAMPR5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMPR5 O64 - Services: CurCS - 20/02/2008 - C:\WINDOWS\system32\PCANDIS5.sys - PCANDIS5 NDIS Protocol Driver(PCANDIS5) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) - LEGACY_PCANDIS5 O64 - Services: CurCS - 20/08/2011 - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV(SASDIFSV) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - LEGACY_SASDIFSV O64 - Services: CurCS - 20/08/2011 - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL(SASKUTIL) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - LEGACY_SASKUTIL O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV ~ Scan Services in 00mn 02s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Stephane\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {13F3C4B7-3FB6-4B66-9433-1A71394D7B9F} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - Ask Toolbar ~ Scan Keys in 00mn 00s ---\\ Internet Feature Controls (O81) O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.F9E4595CB6B11C7AA625937A7F086EB9] [sPRF][18/08/2011] (.Swearware - ComboFix NSIS Installer.) -- C:\Documents and Settings\Stephane\Bureau\ComboFix.exe [4177864] [MD5.B3DBF67B5F1591366AE9C93AEF742668] [sPRF][18/08/2011] (.Mozilla - Firefox.) -- C:\Documents and Settings\Stephane\Bureau\Firefox Setup 6.0.exe [14100808] [MD5.3011790AFC6C86D059922C1C64326F9B] [sPRF][25/07/2010] (...) -- C:\Documents and Settings\Stephane\Bureau\Load_tdsskiller.exe [845916] [MD5.6AE625D478C96A378DFC9683F9DB34BA] [sPRF][25/07/2010] (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Documents and Settings\Stephane\Bureau\mbam-setup-1.46.exe [6153352] [MD5.9FAAB868CD5E13205758F8CAFCD7D9FA] [sPRF][25/07/2010] (...) -- C:\Documents and Settings\Stephane\Bureau\rkill.com [363520] [MD5.F17BB5E20DD431BD92F7C74A0ADFDA29] [sPRF][30/11/2010] (.Skype Technologies S.A. - Skype.) -- C:\Documents and Settings\Stephane\Bureau\SkypeSetup.exe [955784] [MD5.EF5F9BC2EE712E94E0A2A39FF9925A57] [sPRF][22/07/2010] (.Enigma Software Group USA, LLC. - SpyHunter Downloader.) -- C:\Documents and Settings\Stephane\Bureau\SpyHunter-Installer.exe [662872] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][07/12/2004] (...) -- C:\WINDOWS\Downloaded Program Files\bdcore.dll [32] [MD5.298068536300DA6DC163E394797A7C50] [sPRF][25/05/2006] (...) -- C:\WINDOWS\Downloaded Program Files\bdupd.dll [118784] [MD5.1CAB87DE6638846FBF51F32B5D95E482] [sPRF][25/05/2006] (...) -- C:\WINDOWS\Downloaded Program Files\ipsupd.dll [53248] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][07/12/2004] (...) -- C:\WINDOWS\Downloaded Program Files\libfn.dll [32] ~ Scan Files in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 8646 - (29/09/2011) Clés trouvées (Keys found) : 32 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 2 Fichiers trouvés (Files found) : 0 [HKCU\Software\AppDataLow\AskBarDis] =>Toolbar.AskBarDis [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1] =>Toolbar.AskTBar [HKLM\Software\Classes\askibar.popswatterbarbutton] =>Toolbar.AskTBar [HKLM\Software\Classes\askibar.popswatterbarbutton.1] =>Toolbar.AskTBar [HKLM\Software\Classes\askibar.popswattersettingscontrol] =>Toolbar.AskTBar [HKLM\Software\Classes\askibar.popswattersettingscontrol.1] =>Toolbar.AskTBar [HKLM\Software\Classes\asktoolbar.settingsplugin] =>Toolbar.AskTBar [HKLM\Software\Classes\asktoolbar.settingsplugin.1] =>Toolbar.AskTBar [HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}] =>Adware.BHO [HKLM\Software\Classes\CLSID\{08993a7c-e764-4172-9627-bfb5ea6897b2}] =>Adware.BHO [HKLM\Software\Classes\CLSID\{128a6c66-ac6a-4617-8268-ab7f47b7215e}] =>Adware.BHO [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask [HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>Toolbar.Ask [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar [HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Toolbar.AskTBar [HKLM\Software\Classes\Interface\{4634804a-f0b0-4a74-a550-fc0eef8a4362}] =>Adware.BHO [HKLM\Software\Classes\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] =>Toolbar.SweetIM [HKLM\Software\Classes\Interface\{4c07ea4f-5f52-4222-b170-4cd9ed33baea}] =>Adware.BHO [HKLM\Software\Classes\CLSID\{571715d7-3395-4df0-b43c-784836209e60}] =>Adware.BHO [HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}] =>Adware.BHO [HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}] =>Adware.BHO [HKLM\Software\Classes\Interface\{c44feff4-ef0c-4cf7-83d0-92b4266a32b9}] =>Adware.BHO [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cf739809-1c6c-47c0-85b9-569dbb141420}] =>Toolbar.AskBarDis [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{cf739809-1c6c-47c0-85b9-569dbb141420}] =>Toolbar.AskBarDis [HKLM\Software\Classes\TypeLib\{d2e5fa06-dcc7-46f9-beff-bfd06f69b9b2}] =>Adware.ShopperReports [HKLM\Software\Classes\Interface\{f131923c-381d-4e4c-a472-4a17118fd742}] =>Adware.BHO [HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] =>Crapware.SpyHunter [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1] =>Toolbar.AskTBar [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{3041d03e-fd4b-44e0-b742-2d9b88305f98} =>Toolbar.AskTBar [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{3041d03e-fd4b-44e0-b742-2d9b88305f98} =>Toolbar.AskTBar C:\Program Files\Enigma Software Group\SpyHunter =>Crapware.SpyHunter C:\Program Files\AskBarDis =>Toolbar.AskBarDis ~ Scan Additionnel in 00mn 15s ---\\ Recherche détournement de DNS routeur (O89) Serveur : UnKnown Address: 192.168.1.254 Nom : www.l.google.com Addresses: 74.125.39.106, 74.125.39.104, 74.125.39.103, 74.125.39.99 74.125.39.105, 74.125.39.147 Aliases: www.google.fr, www.google.com ~ Scan DNS in 00mn 02s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 01/10/2011 116608 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe SR - | Auto 01/10/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 01/10/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SS - | Demand 01/10/2011 195336 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe SR - | Auto 01/10/2011 346720 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe SS - | Demand 01/10/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Auto 01/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 01/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 01/10/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 01/10/2011 327064 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.exe ~ Scan Services in 00mn 03s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by Stephane at 01/10/2011 15:11:13 device: opened successfully user: MBR read successfully Disk trace: kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 05s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Stephane at 01/10/2011 15:11:15 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 07s End of the scan (1186 lines in 02mn 10s)(0)

bonjour j'ai 1 virus qui m'empeche d'atteindre la page d'accueil de google (q que soit le navigateur) resultat "erreur 404. Par contre si je tape 1 adresse internet direct la pas de pb. Merci de votre aide RAPIDE Portable sous xp 2002 Cordialement

Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4345 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 25/07/2010 17:32:19 mbam-log-2010-07-25 (17-32-19).txt Type d'examen: Examen complet (C:\|D:\|F:\|G:\|) Elément(s) analysé(s): 214483 Temps écoulé: 49 minute(s), 2 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 16 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\JDK5SWFMZY (Trojan.FakeAlert) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\TG0PTF86JH (Trojan.FakeAlert) -> No action taken. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jdk5swfmzy (Trojan.FakeAlert) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> No action taken. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP90\A0026545.dll (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP90\A0026546.dll (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP91\A0027800.exe (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP91\A0027802.dll (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP91\A0027803.dll (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP92\A0029053.exe (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP92\A0029055.dll (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP92\A0029056.dll (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP93\A0030306.exe (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP93\A0030308.dll (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP93\A0030309.dll (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP94\A0032664.exe (Trojan.FraudPack) -> No action taken. C:\System Volume Information\_restore{9DE1D792-4856-48D6-ADF4-809437407CA4}\RP94\A0032665.exe (Trojan.FraudPack) -> No action taken. G:\SUPERAntiSpyware.Professional.Edition.v4.39.1002.Final.Multilingual.Incl.Keygen-AT4RE\Keygen\Keygen.exe (Trojan.Agent.CK) -> No action taken. C:\Documents and Settings\Stephane\Application Data\avdrn.dat (Malware.Trace) -> No action taken. C:\Documents and Settings\All Users\Favoris\_favdata.dat (Malware.Trace) -> No action taken.

This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Ran as Stephane on 25/07/2010 at 15:11:26. Processes terminated by Rkill or while it was running: C:\Documents and Settings\Stephane\Bureau\rkill.com Rkill completed on 25/07/2010 at 15:11:33.

rapport tdsskiller 2010/07/25 15:01:20.0203 TDSS rootkit removing tool 2.4.0.0 Jul 22 2010 16:09:49 2010/07/25 15:01:20.0203 ================================================================================ 2010/07/25 15:01:20.0203 SystemInfo: 2010/07/25 15:01:20.0203 2010/07/25 15:01:20.0203 OS Version: 5.1.2600 ServicePack: 3.0 2010/07/25 15:01:20.0203 Product type: Workstation 2010/07/25 15:01:20.0203 ComputerName: YOUR-57I8G5C8PD 2010/07/25 15:01:20.0203 UserName: Stephane 2010/07/25 15:01:20.0203 Windows directory: C:\WINDOWS 2010/07/25 15:01:20.0203 System windows directory: C:\WINDOWS 2010/07/25 15:01:20.0203 Processor architecture: Intel x86 2010/07/25 15:01:20.0203 Number of processors: 2 2010/07/25 15:01:20.0203 Page size: 0x1000 2010/07/25 15:01:20.0203 Boot type: Normal boot 2010/07/25 15:01:20.0203 ================================================================================ 2010/07/25 15:01:20.0812 Initialize success 2010/07/25 15:01:34.0281 ================================================================================ 2010/07/25 15:01:34.0281 Scan started 2010/07/25 15:01:34.0281 Mode: Manual; 2010/07/25 15:01:34.0281 ================================================================================ 2010/07/25 15:01:35.0828 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2010/07/25 15:01:35.0859 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 2010/07/25 15:01:35.0937 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2010/07/25 15:01:36.0000 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 2010/07/25 15:01:36.0234 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys 2010/07/25 15:01:36.0500 AR5416 (e0ee769d14128014965e03b433f5f46e) C:\WINDOWS\system32\DRIVERS\athw.sys 2010/07/25 15:01:36.0718 AsusACPI (12415a4b61ded200fe9932b47a35fa42) C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys 2010/07/25 15:01:36.0765 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2010/07/25 15:01:36.0828 atapi (4d8c79d986f6a226846c8c3a588192d8) C:\WINDOWS\system32\DRIVERS\atapi.sys 2010/07/25 15:01:36.0828 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\atapi.sys. Real md5: 4d8c79d986f6a226846c8c3a588192d8, Fake md5: 9f3a2f5aa6875c72bf062c712cfa2674 2010/07/25 15:01:36.0828 atapi - detected Rootkit.Win32.TDSS.tdl3 (0) 2010/07/25 15:01:36.0937 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2010/07/25 15:01:37.0000 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2010/07/25 15:01:37.0093 avgio (f1d43170fdd7399ee17ea32d4f868b0c) C:\Program Files\Avira\AntiVir Desktop\avgio.sys 2010/07/25 15:01:37.0171 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\WINDOWS\system32\DRIVERS\avgntflt.sys 2010/07/25 15:01:37.0281 avipbb (ad9bd66a862116e79cb45bb6be46055f) C:\WINDOWS\system32\DRIVERS\avipbb.sys 2010/07/25 15:01:37.0375 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2010/07/25 15:01:37.0484 btaudio (4b43dfe1c1fbb305a1dc5504ef9bb34e) C:\WINDOWS\system32\drivers\btaudio.sys 2010/07/25 15:01:37.0562 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys 2010/07/25 15:01:37.0718 BTKRNL (70455baffc078b6152d1e52376296467) C:\WINDOWS\system32\DRIVERS\btkrnl.sys 2010/07/25 15:01:37.0859 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys 2010/07/25 15:01:37.0890 btwhid (949eca9c56f657c06d3166d51f3226c7) C:\WINDOWS\system32\DRIVERS\btwhid.sys 2010/07/25 15:01:37.0921 BTWUSB (2cfc2bd8785f82a42fcad83de1fa5a36) C:\WINDOWS\system32\Drivers\btwusb.sys 2010/07/25 15:01:37.0953 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2010/07/25 15:01:38.0015 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2010/07/25 15:01:38.0156 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2010/07/25 15:01:38.0203 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2010/07/25 15:01:38.0234 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2010/07/25 15:01:38.0296 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 2010/07/25 15:01:38.0484 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 2010/07/25 15:01:38.0640 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2010/07/25 15:01:38.0781 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys 2010/07/25 15:01:38.0953 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 2010/07/25 15:01:39.0031 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2010/07/25 15:01:39.0171 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2010/07/25 15:01:39.0234 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2010/07/25 15:01:39.0296 ElbyCDFL (59c9e1336a4508f059827d638e924c62) C:\WINDOWS\system32\Drivers\ElbyCDFL.sys 2010/07/25 15:01:39.0390 ElbyCDIO (389823db299b350f2ee830d47376eeac) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys 2010/07/25 15:01:39.0421 ElbyVCD (c4143fc2f7d39a5a8b1cfe0bc4bd8a9e) C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys 2010/07/25 15:01:39.0546 esgiguard (051a2e2a75adb6d1c5c27e940fdabcba) C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys 2010/07/25 15:01:39.0609 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2010/07/25 15:01:39.0781 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 2010/07/25 15:01:39.0875 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 2010/07/25 15:01:39.0906 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2010/07/25 15:01:39.0937 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 2010/07/25 15:01:40.0062 fssfltr (960f5e5e4e1f720465311ac68a99c2df) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys 2010/07/25 15:01:40.0171 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2010/07/25 15:01:40.0390 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2010/07/25 15:01:40.0546 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2010/07/25 15:01:40.0640 GTUHSBUS (884199f75305f58038480f31e47604b7) C:\WINDOWS\system32\DRIVERS\gtuhsbus.sys 2010/07/25 15:01:40.0765 GTUHSNDISIPXP (26ea5eae39a48fc6667fcd35753dcfff) C:\WINDOWS\system32\DRIVERS\gtuhs51.sys 2010/07/25 15:01:40.0781 GTUHSSER (84f1e6dd27a401c7e69e277fd74aefde) C:\WINDOWS\system32\DRIVERS\gtuhsser.sys 2010/07/25 15:01:40.0937 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 2010/07/25 15:01:41.0078 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2010/07/25 15:01:41.0218 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 2010/07/25 15:01:41.0515 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2010/07/25 15:01:42.0000 ialm (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 2010/07/25 15:01:42.0625 iaStor (8ef427c54497c5f8a7a645990e4278c7) C:\WINDOWS\system32\drivers\iaStor.sys 2010/07/25 15:01:42.0750 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2010/07/25 15:01:43.0093 IntcAzAudAddService (afa6853aa949b5e151e4a10f6805b5b2) C:\WINDOWS\system32\drivers\RtkHDAud.sys 2010/07/25 15:01:43.0765 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2010/07/25 15:01:43.0843 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 2010/07/25 15:01:43.0984 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2010/07/25 15:01:44.0078 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2010/07/25 15:01:44.0187 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2010/07/25 15:01:44.0250 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2010/07/25 15:01:44.0312 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2010/07/25 15:01:44.0421 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2010/07/25 15:01:44.0437 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2010/07/25 15:01:44.0500 klmd24 (6485ad0a17a0d6286b4d44c652adabb2) C:\WINDOWS\system32\drivers\klmd.sys 2010/07/25 15:01:44.0546 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2010/07/25 15:01:44.0656 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 2010/07/25 15:01:44.0703 L1c (6c8658587e91ea25b0fd2e71781ad228) C:\WINDOWS\system32\DRIVERS\l1c51x86.sys 2010/07/25 15:01:44.0796 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2010/07/25 15:01:44.0890 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 2010/07/25 15:01:45.0015 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys 2010/07/25 15:01:45.0156 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2010/07/25 15:01:45.0203 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2010/07/25 15:01:45.0265 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2010/07/25 15:01:45.0390 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2010/07/25 15:01:45.0562 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2010/07/25 15:01:45.0703 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2010/07/25 15:01:45.0765 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2010/07/25 15:01:45.0921 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2010/07/25 15:01:46.0046 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2010/07/25 15:01:46.0187 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2010/07/25 15:01:46.0359 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2010/07/25 15:01:46.0531 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 2010/07/25 15:01:46.0687 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2010/07/25 15:01:46.0828 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2010/07/25 15:01:46.0937 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2010/07/25 15:01:47.0062 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2010/07/25 15:01:47.0125 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2010/07/25 15:01:47.0171 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2010/07/25 15:01:47.0234 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 2010/07/25 15:01:47.0296 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2010/07/25 15:01:47.0390 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2010/07/25 15:01:47.0562 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2010/07/25 15:01:47.0796 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2010/07/25 15:01:48.0125 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2010/07/25 15:01:48.0234 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2010/07/25 15:01:48.0468 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2010/07/25 15:01:48.0625 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys 2010/07/25 15:01:48.0796 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2010/07/25 15:01:48.0875 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 2010/07/25 15:01:49.0062 PCAMPR5 (b670c5d89f0726b7a2a7dfb4e968cdf8) C:\WINDOWS\system32\PCAMPR5.SYS 2010/07/25 15:01:49.0109 PCANDIS5 (ecd2f9d67b06606064daf6961a6d5efe) C:\WINDOWS\system32\PCANDIS5.SYS 2010/07/25 15:01:49.0296 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 2010/07/25 15:01:49.0375 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 2010/07/25 15:01:49.0500 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys 2010/07/25 15:01:49.0625 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2010/07/25 15:01:49.0671 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2010/07/25 15:01:49.0687 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2010/07/25 15:01:49.0812 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2010/07/25 15:01:49.0875 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2010/07/25 15:01:49.0906 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2010/07/25 15:01:49.0937 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2010/07/25 15:01:50.0046 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2010/07/25 15:01:50.0125 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2010/07/25 15:01:50.0187 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2010/07/25 15:01:50.0265 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 2010/07/25 15:01:50.0375 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 2010/07/25 15:01:50.0390 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 2010/07/25 15:01:50.0468 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2010/07/25 15:01:50.0578 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys 2010/07/25 15:01:50.0609 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2010/07/25 15:01:50.0687 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2010/07/25 15:01:50.0828 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2010/07/25 15:01:50.0906 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 2010/07/25 15:01:50.0953 Srv (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys 2010/07/25 15:01:51.0093 ssmdrv (3ad0362cf68de3ac500e981700242cca) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 2010/07/25 15:01:51.0140 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2010/07/25 15:01:51.0187 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2010/07/25 15:01:51.0328 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2010/07/25 15:01:51.0500 SynTP (8e25a1dbb8527b2074af9b682f818768) C:\WINDOWS\system32\DRIVERS\SynTP.sys 2010/07/25 15:01:51.0640 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2010/07/25 15:01:51.0765 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2010/07/25 15:01:51.0875 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2010/07/25 15:01:51.0890 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2010/07/25 15:01:51.0921 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2010/07/25 15:01:52.0000 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2010/07/25 15:01:52.0109 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2010/07/25 15:01:52.0203 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2010/07/25 15:01:52.0250 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2010/07/25 15:01:52.0281 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2010/07/25 15:01:52.0328 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2010/07/25 15:01:52.0375 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2010/07/25 15:01:52.0468 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 2010/07/25 15:01:52.0578 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys 2010/07/25 15:01:52.0671 uvclf (c019889035cdc1a06f2febc93cbb6897) C:\WINDOWS\system32\DRIVERS\uvclf.sys 2010/07/25 15:01:52.0703 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2010/07/25 15:01:52.0765 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 2010/07/25 15:01:52.0875 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2010/07/25 15:01:52.0937 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys 2010/07/25 15:01:53.0171 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2010/07/25 15:01:53.0406 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 2010/07/25 15:01:53.0468 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2010/07/25 15:01:53.0562 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2010/07/25 15:01:53.0593 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2010/07/25 15:01:53.0671 ================================================================================ 2010/07/25 15:01:53.0671 Scan finished 2010/07/25 15:01:53.0671 ================================================================================ 2010/07/25 15:01:53.0718 Detected object count: 1 2010/07/25 15:02:04.0421 atapi (4d8c79d986f6a226846c8c3a588192d8) C:\WINDOWS\system32\DRIVERS\atapi.sys 2010/07/25 15:02:04.0421 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\atapi.sys. Real md5: 4d8c79d986f6a226846c8c3a588192d8, Fake md5: 9f3a2f5aa6875c72bf062c712cfa2674 2010/07/25 15:02:05.0125 Backup copy found, using it.. 2010/07/25 15:02:05.0187 C:\WINDOWS\system32\DRIVERS\atapi.sys - will be cured after reboot 2010/07/25 15:02:05.0187 Rootkit.Win32.TDSS.tdl3(atapi) - User select action: Cure

mon ordi est completement infecté. Des messages de danger virus apparaissent avec des logiciel type "defense center" qui s'installent tout seul et me propose en permanence l'achat de la full version pour nettoyer mon ordi. C'est une note book avec windows xp familiale et antivir pour antivirus lequel au passage est completement bloqué et je ne peux plus le desisntaller ...Je ne peux plus accededer au gestionnaire des taches non plus merci de votre aide

ct sur UDMA

le premier check est en cours je fais une sauvegarde de quoi ?