roland57

Bonjour Oui fonctionnne mieux sauf que je n'ai pas accès à options des dossiers. Merci de votre intervention

Le rapport RogueKiller RogueKiller V6.1.7 [05/11/2011] par Tigzy mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/37) Blog: tigzy-RK Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 32 bits version Demarrage : Mode normal Utilisateur: Jérémy [Droits d'admin] Mode: Recherche -- Date : 06/11/2011 21:47:28 ¤¤¤ Processus malicieux: 0 ¤¤¤ ¤¤¤ Entrees de registre: 3 ¤¤¤ [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ Fichier HOSTS: ¤¤¤ 127.0.0.1 localhost ::1 localhost Termine : << RKreport[1].txt >> RKreport[1].txt

Les fichiers AdwCleaner # AdwCleaner v1.317 - Rapport créé le 06/11/2011 à 21:34:15 # Mis à jour le 06/11/11 à 14h par Xplode # Système d'exploitation : Windows Vista Home Basic Service Pack 2 (32 bits) # Nom d'utilisateur : Jérémy - PC-DE-JÉRÉMY (Administrateur) # Exécuté depuis : C:\Users\Jérémy\Documents\Downloads\Downloads\adwcleaner0.exe # Option [Recherche] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Présent : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchqutoolbar Fichier Présent : C:\Program Files\Mozilla Firefox\extensions\[email protected] Fichier Présent : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml Fichier Présent : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml Fichier Présent : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchplugins\SearchResults.xml ***** [Registre] ***** Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.DllInfo Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.Tools Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4 Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778} Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé Présente : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar ***** [Navigateurs] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v5.0 (fr) Profil : 6u9moki1.default Fichier : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. -\\ Google Chrome v [impossible d'obtenir la version] Fichier : C:\Users\Jérémy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [2381 octets] - [06/11/2011 21:34:15] ########## EOF - C:\AdwCleaner[R1].txt - [2509 octets] ########## # AdwCleaner v1.317 - Rapport créé le 06/11/2011 à 21:35:49 # Mis à jour le 06/11/11 à 14h par Xplode # Système d'exploitation : Windows Vista Home Basic Service Pack 2 (32 bits) # Nom d'utilisateur : Jérémy - PC-DE-JÉRÉMY (Administrateur) # Exécuté depuis : C:\Users\Jérémy\Documents\Downloads\Downloads\adwcleaner0.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchqutoolbar Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml Fichier Supprimé : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchplugins\SearchResults.xml ***** [Registre] ***** Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.DllInfo Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.Tools Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4 Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} ***** [Navigateurs] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v5.0 (fr) Profil : 6u9moki1.default Fichier : C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\prefs.js C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\user.js ... Supprimé ! [OK] Le fichier ne contient aucune entrée illégitime. -\\ Google Chrome v [impossible d'obtenir la version] Fichier : C:\Users\Jérémy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [2510 octets] - [06/11/2011 21:34:15] AdwCleaner[s1].txt - [2346 octets] - [06/11/2011 21:35:49] ************************* Dossier Temporaire : 4 dossier(s)et 2 fichier(s) supprimés ########## EOF - C:\AdwCleaner[s1].txt - [2565 octets] ##########

Ci dessous rapports Ad remover et Ad remover clean ====== RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:20:31 le 06/11/2011, Mode normal Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86) Jérémy@PC-DE-JÉRÉMY (TOSHIBA Satellite L350) ============== RECHERCHE ============== Dossier trouvé: C:\Program Files\Windows Searchqu Toolbar Clé trouvée: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [5.0 (fr)] **** Plugins\NPCARDS.dll (Ganymede Technologies) Plugins\npdeployJava1.dll (Oracle Corporation) Plugins\npPandoWebInst.dll (Pando Networks) HKLM_MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0 (x) HKLM_MozillaPlugins\@checkpoint.com/FFApi (x) HKLM_MozillaPlugins\@glowria.fr/FireVMGate (x) HKLM_MozillaPlugins\Adobe Reader (x) HKCU_MozillaPlugins\@megamedia/Megakey (x) Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms}) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/) Components\browsercomps.dll (Mozilla Foundation) Extensions - "[email protected]" (?) Extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Console) -- C:\Users\Jérémy\AppData\Roaming\Mozilla\FireFox\Profiles\6u9moki1.default -- Extensions\[email protected] (Camfrog Web Plugin for Mozilla Firefox) Searchplugins\aol-web-search.xml (?) Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/) Prefs.js - browser.download.lastDir, C:\\Users\\Jérémy\\Desktop Prefs.js - browser.startup.homepage_override.buildID, 20110615151330 Prefs.js - browser.startup.homepage_override.mstone, rv:5.0 ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search Page - hxxp://home.microsoft.com/access/allinone.asp HKCU_Main|Start Page - hxxp://www.google.fr/ HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://www.msn.com/ HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (x) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "?" (?) HKCU_SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} - "?" (?) HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x) HKCU_Toolbar\WebBrowser|{B80F591E-FE9A-46CF-A13E-180377240586} (x) HKCU_ElevationPolicy\{2A9B0B51-9E0B-4502-89FD-D236FBC71115} - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (x) HKCU_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x) HKCU_ElevationPolicy\{FB63194D-A154-41D1-BF8B-7A2875209630} - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (x) HKLM_ElevationPolicy\056f5f46-afde-4006-b6f6-d554a9c716ee - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\47279b91-3041-4097-96c7-417e66908d73 - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\665d3d8b-875d-42f4-94a1-0e5f91cac1cd - C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe (x) HKLM_ElevationPolicy\a1028f19-97e6-4d95-affe-07cbf22e3b7d - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\d876a5c4-ba0e-4564-b737-8fbe594196cc - C:\Program Files\DVDVideoSoft\DVDVideoSoftToolbarHelper.exe (x) HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (?) HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre7\bin\unpack200.exe (Oracle Corporation) HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?) HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Java\jre7\bin\jp2launcher.exe (Oracle Corporation) HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x) HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (?) HKLM_ElevationPolicy\{BC9A3E0D-0FBC-4CEA-A1E4-80646404A8E5} - C:\Program Files\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?) HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Java\jre7\bin\ssvagent.exe (Oracle Corporation) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 0 Fichier(s) C:\Ad-Report-SCAN[1].txt - 06/11/2011 21:20:52 (5497 Octet(s)) Fin à: 21:22:39, 06/11/2011 ============== E.O.F ============== ====== RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:23:23 le 06/11/2011, Mode normal Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86) Jérémy@PC-DE-JÉRÉMY (TOSHIBA Satellite L350) ============== ACTION(S) ============== Dossier supprimé: C:\Program Files\Windows Searchqu Toolbar (!) -- Fichiers temporaires supprimés. Erreur suppression clé: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [5.0 (fr)] **** Plugins\NPCARDS.dll (Ganymede Technologies) Plugins\npdeployJava1.dll (Oracle Corporation) Plugins\npPandoWebInst.dll (Pando Networks) HKLM_MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0 (x) HKLM_MozillaPlugins\@checkpoint.com/FFApi (x) HKLM_MozillaPlugins\@glowria.fr/FireVMGate (x) HKLM_MozillaPlugins\Adobe Reader (x) HKCU_MozillaPlugins\@megamedia/Megakey (x) Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms}) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/) Components\browsercomps.dll (Mozilla Foundation) Extensions - "[email protected]" (?) Extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Console) -- C:\Users\Jérémy\AppData\Roaming\Mozilla\FireFox\Profiles\6u9moki1.default -- Extensions\[email protected] (Camfrog Web Plugin for Mozilla Firefox) Searchplugins\aol-web-search.xml (?) Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/) Prefs.js - browser.download.lastDir, C:\\Users\\Jérémy\\Desktop Prefs.js - browser.startup.homepage_override.buildID, 20110615151330 Prefs.js - browser.startup.homepage_override.mstone, rv:5.0 ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (x) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "?" (?) HKCU_SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} - "?" (?) HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x) HKCU_Toolbar\WebBrowser|{B80F591E-FE9A-46CF-A13E-180377240586} (x) HKCU_ElevationPolicy\{2A9B0B51-9E0B-4502-89FD-D236FBC71115} - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (x) HKCU_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x) HKCU_ElevationPolicy\{FB63194D-A154-41D1-BF8B-7A2875209630} - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (x) HKLM_ElevationPolicy\056f5f46-afde-4006-b6f6-d554a9c716ee - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\47279b91-3041-4097-96c7-417e66908d73 - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\665d3d8b-875d-42f4-94a1-0e5f91cac1cd - C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe (x) HKLM_ElevationPolicy\a1028f19-97e6-4d95-affe-07cbf22e3b7d - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\d876a5c4-ba0e-4564-b737-8fbe594196cc - C:\Program Files\DVDVideoSoft\DVDVideoSoftToolbarHelper.exe (x) HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (?) HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre7\bin\unpack200.exe (Oracle Corporation) HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?) HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Java\jre7\bin\jp2launcher.exe (Oracle Corporation) HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x) HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (?) HKLM_ElevationPolicy\{BC9A3E0D-0FBC-4CEA-A1E4-80646404A8E5} - C:\Program Files\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?) HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Java\jre7\bin\ssvagent.exe (Oracle Corporation) ======================================== C:\Program Files\Ad-Remover\Quarantine: 517 Fichier(s) C:\Program Files\Ad-Remover\Backup: 15 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 06/11/2011 21:23:26 (5627 Octet(s)) C:\Ad-Report-SCAN[1].txt - 06/11/2011 21:20:52 (5635 Octet(s)) Fin à: 21:26:12, 06/11/2011 ============== E.O.F ===========

Ci dessous rapports Ad remover et Ad remover clean ====== RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:20:31 le 06/11/2011, Mode normal Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86) Jérémy@PC-DE-JÉRÉMY (TOSHIBA Satellite L350) ============== RECHERCHE ============== Dossier trouvé: C:\Program Files\Windows Searchqu Toolbar Clé trouvée: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [5.0 (fr)] **** Plugins\NPCARDS.dll (Ganymede Technologies) Plugins\npdeployJava1.dll (Oracle Corporation) Plugins\npPandoWebInst.dll (Pando Networks) HKLM_MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0 (x) HKLM_MozillaPlugins\@checkpoint.com/FFApi (x) HKLM_MozillaPlugins\@glowria.fr/FireVMGate (x) HKLM_MozillaPlugins\Adobe Reader (x) HKCU_MozillaPlugins\@megamedia/Megakey (x) Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms}) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/) Components\browsercomps.dll (Mozilla Foundation) Extensions - "[email protected]" (?) Extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Console) -- C:\Users\Jérémy\AppData\Roaming\Mozilla\FireFox\Profiles\6u9moki1.default -- Extensions\[email protected] (Camfrog Web Plugin for Mozilla Firefox) Searchplugins\aol-web-search.xml (?) Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/) Prefs.js - browser.download.lastDir, C:\\Users\\Jérémy\\Desktop Prefs.js - browser.startup.homepage_override.buildID, 20110615151330 Prefs.js - browser.startup.homepage_override.mstone, rv:5.0 ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search Page - hxxp://home.microsoft.com/access/allinone.asp HKCU_Main|Start Page - hxxp://www.google.fr/ HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://www.msn.com/ HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (x) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "?" (?) HKCU_SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} - "?" (?) HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x) HKCU_Toolbar\WebBrowser|{B80F591E-FE9A-46CF-A13E-180377240586} (x) HKCU_ElevationPolicy\{2A9B0B51-9E0B-4502-89FD-D236FBC71115} - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (x) HKCU_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x) HKCU_ElevationPolicy\{FB63194D-A154-41D1-BF8B-7A2875209630} - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (x) HKLM_ElevationPolicy\056f5f46-afde-4006-b6f6-d554a9c716ee - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\47279b91-3041-4097-96c7-417e66908d73 - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\665d3d8b-875d-42f4-94a1-0e5f91cac1cd - C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe (x) HKLM_ElevationPolicy\a1028f19-97e6-4d95-affe-07cbf22e3b7d - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\d876a5c4-ba0e-4564-b737-8fbe594196cc - C:\Program Files\DVDVideoSoft\DVDVideoSoftToolbarHelper.exe (x) HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (?) HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre7\bin\unpack200.exe (Oracle Corporation) HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?) HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Java\jre7\bin\jp2launcher.exe (Oracle Corporation) HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x) HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (?) HKLM_ElevationPolicy\{BC9A3E0D-0FBC-4CEA-A1E4-80646404A8E5} - C:\Program Files\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?) HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Java\jre7\bin\ssvagent.exe (Oracle Corporation) ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 0 Fichier(s) C:\Ad-Report-SCAN[1].txt - 06/11/2011 21:20:52 (5497 Octet(s)) Fin à: 21:22:39, 06/11/2011 ============== E.O.F ============== ====== RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:23:23 le 06/11/2011, Mode normal Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86) Jérémy@PC-DE-JÉRÉMY (TOSHIBA Satellite L350) ============== ACTION(S) ============== Dossier supprimé: C:\Program Files\Windows Searchqu Toolbar (!) -- Fichiers temporaires supprimés. Erreur suppression clé: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [5.0 (fr)] **** Plugins\NPCARDS.dll (Ganymede Technologies) Plugins\npdeployJava1.dll (Oracle Corporation) Plugins\npPandoWebInst.dll (Pando Networks) HKLM_MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0 (x) HKLM_MozillaPlugins\@checkpoint.com/FFApi (x) HKLM_MozillaPlugins\@glowria.fr/FireVMGate (x) HKLM_MozillaPlugins\Adobe Reader (x) HKCU_MozillaPlugins\@megamedia/Megakey (x) Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms}) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/) Components\browsercomps.dll (Mozilla Foundation) Extensions - "[email protected]" (?) Extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} (Java Console) -- C:\Users\Jérémy\AppData\Roaming\Mozilla\FireFox\Profiles\6u9moki1.default -- Extensions\[email protected] (Camfrog Web Plugin for Mozilla Firefox) Searchplugins\aol-web-search.xml (?) Searchplugins\SearchResults.xml ( hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&q={searchTerms}/) Prefs.js - browser.download.lastDir, C:\\Users\\Jérémy\\Desktop Prefs.js - browser.startup.homepage_override.buildID, 20110615151330 Prefs.js - browser.startup.homepage_override.mstone, rv:5.0 ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (x) HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "?" (?) HKCU_SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} - "?" (?) HKCU_Toolbar\WebBrowser|{724D43A0-0D85-11D4-9908-00400523E39A} (x) HKCU_Toolbar\WebBrowser|{B80F591E-FE9A-46CF-A13E-180377240586} (x) HKCU_ElevationPolicy\{2A9B0B51-9E0B-4502-89FD-D236FBC71115} - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (x) HKCU_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x) HKCU_ElevationPolicy\{FB63194D-A154-41D1-BF8B-7A2875209630} - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (x) HKLM_ElevationPolicy\056f5f46-afde-4006-b6f6-d554a9c716ee - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\47279b91-3041-4097-96c7-417e66908d73 - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\665d3d8b-875d-42f4-94a1-0e5f91cac1cd - C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe (x) HKLM_ElevationPolicy\a1028f19-97e6-4d95-affe-07cbf22e3b7d - C:\Program Files\fullscreensavers\fullscreensaversToolbarHelper.exe (x) HKLM_ElevationPolicy\d876a5c4-ba0e-4564-b737-8fbe594196cc - C:\Program Files\DVDVideoSoft\DVDVideoSoftToolbarHelper.exe (x) HKLM_ElevationPolicy\{0C5365B7-358F-402d-A440-F1270AEF1175} - C:\ProgramData\EmailNotifier\EmailNotifier.exe (?) HKLM_ElevationPolicy\{3B9A6E32-36C9-4946-B78C-3F58E3785EC1} - C:\Program Files\Java\jre7\bin\unpack200.exe (Oracle Corporation) HKLM_ElevationPolicy\{44295CB8-D71B-11DA-8750-001185653D78} - c:\program files\google\googletoolbar1user.exe (?) HKLM_ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} - C:\Program Files\Java\jre7\bin\jp2launcher.exe (Oracle Corporation) HKLM_ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} - C:\Program Files\Java\jre7\bin\javaws.exe (Oracle Corporation) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B4256A73-837C-4195-BD10-0ADEE51BEFF6} - C:\Program Files\NOS\bin\getPlusPlus_Adobe.exe (x) HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (?) HKLM_ElevationPolicy\{BC9A3E0D-0FBC-4CEA-A1E4-80646404A8E5} - C:\Program Files\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?) HKLM_ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} - C:\Program Files\Java\jre7\bin\ssvagent.exe (Oracle Corporation) ======================================== C:\Program Files\Ad-Remover\Quarantine: 517 Fichier(s) C:\Program Files\Ad-Remover\Backup: 15 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 06/11/2011 21:23:26 (5627 Octet(s)) C:\Ad-Report-SCAN[1].txt - 06/11/2011 21:20:52 (5635 Octet(s)) Fin à: 21:26:12, 06/11/2011 ============== E.O.F ===========

Bonjour, merci de votre réponse, ci-dessous le rapport Rapport de ZHPDiag v1.28.2221 par Nicolas Coolman, Update du 06/11/2011 Run by Jérémy at 11/6/2011 12:17:47 Web site : ZHPDiag Outil de diagnostic State : Version à jour. ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 5.0 v5.0 GCIE: Google Chrome v14.0.835.202 (Defaut) ---\\ Windows Product Information Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK ~ Vista, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : HBTPB Windows License : OK Windows Automatic Updates : OK ---\\ System Information ~ Processor: x86 Family 6 Model 22 Stepping 1, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2037.2 MB (60% free) System Restore: Activé (Enable) System drive C: has 14 GB (25%) free of 56 GB ---\\ Logged in mode ~ Computer Name: PC-DE-JÉRÉMY ~ User Name: Jérémy ~ All Users Names: SophosSAUPC-DE-JÉRÉ0, Jérémy, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Jérémy\AppData\Roaming\ ~ %Desktop% : C:\Users\Jérémy\Desktop\ ~ %Favorites% : C:\Users\Jérémy\Favorites\ ~ %LocalAppData% : C:\Users\Jérémy\AppData\Local\ ~ %StartMenu% : C:\Users\Jérémy\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 56 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 8 Go of 55 Go) F:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.9/16/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.4B555106290BD117334E9A08761C035A] - (....) (.11/2/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.1/21/2008 - 03:33:13.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.D3788D91530CFA005BD516189A4C676E] - (.Microsoft Corporation - Internet Extensions for Win32.) (.10/13/2011 - 03:28:15.) -- C:\Windows\system32\wininet.dll [1126912] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.9/16/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368] [MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.1/21/2008 - 08:20:47.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.6/16/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.9/16/2009 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.1/21/2008 - 03:33:23.) -- C:\Windows\system32\drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.9/16/2009 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.6/16/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.9/16/2009 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.1/21/2008 - 03:32:45.) -- C:\Windows\system32\drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.1/21/2008 - 03:34:06.) -- C:\Windows\system32\drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.6/16/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.9/16/2009 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.9/16/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880] [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.11/2/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.1/21/2008 - 03:34:44.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.1/21/2008 - 03:32:22.) -- C:\Windows\system32\drivers\rdpdr.sys [248832] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.9/16/2009 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.9/16/2009 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/9 ~ Mes musiques (My Musics) : 5/7 ~ Mes Videos (My Video) : 0/0 ~ Mes Favoris (My Favorites) : 4/855 ~ Mes Documents (My Documents) : 4/252 ~ Mon Bureau (My Desktop) : 1/76 ~ Menu demarrer (Programs) : 7/41 ~ Scan Hidden Files in 00mn 00s ---\\ Processus lancés [MD5.6E240D6C2F0DB74BED13AD723D3AB0A1] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904] [PID.2316] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.2324] [MD5.FFC7CF5E4DAEDC38A818E9890EF337D2] - (.PC Tools - PC Tools Firewall GUI.) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2676696] [PID.2332] [MD5.4C1F26CFCA34E978CC1311F9F080F675] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.3996] [MD5.7E9CC482832D7076D5F0418FBDAB3C6D] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [702464] [PID.3084] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.] [MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.] [MD5.C0393EB99A6C72C6BEF9BFC4A72B33A6] - (.SUPERAntiSpyware.com - Core Service.) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608] [PID.] [MD5.A1545B731579895D8CC44FC0481C1192] - (.Microsoft Corporation - Service de la passerelle de la couche Appli.) -- C:\Windows\System32\alg.exe [59392] [PID.] [MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.] [MD5.ACEDB7769F9043E869E252153487CC5C] - (.FileOpen Systems Inc. - FileOpen Manager Service (Hooker).) -- C:\ProgramData\FileOpen\Services\FileOpenManagerSvc32.exe [212352] [PID.] [MD5.185DC440D18181D9FBB074C326A2D1D0] - (.PC Tools - PC Tools Firewall Plus service.) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe [287024] [PID.] [MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.] [MD5.E47F35A87FF0DA38DEF37A0EB0C2D2DF] - (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312] [PID.] [MD5.C5AC715B65B01788ABC22D10749DDDD8] - (.TOSHIBA Corporation - TDCSrv Application.) -- C:\Windows\system32\TODDSrv.exe [129632] [PID.] [MD5.DA6903958CBDC091FFCBBCA70CCFF34C] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [431456] [PID.] [MD5.22690DFFC7F2A18279A7A0489AA02BAC] - (.TOSHIBA Corporation - TosIPCSrv.exe.) -- c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976] [PID.] [MD5.CD5F291A1161F15896D1A4D63DAFF5DF] - (.Conexant Systems, Inc. - Modem Audio Service.) -- C:\Windows\system32\DRIVERS\xaudio.exe [386560] [PID.] [MD5.94E920BE59B9AB65D95E582DBAA136AC] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [366152] [PID.] [MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program Files\ZHPDiag\pv.exe [61440] [PID.] ~ Scan Processes Running in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Jérémy\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\prefs.js C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\user.js M3 - MFPP: Plugins - [Jérémy] -- C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchplugins\aol-web-search.xml M3 - MFPP: Plugins - [Jérémy] -- C:\Users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\6u9moki1.default\searchplugins\SearchResults.xml M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchResults.xml M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Jérémy] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M2 - MFEP: prefs.js [Jérémy - 6u9moki1.default\[email protected]] [] Camfrog Web Plugin for Mozilla Firefox v2,0,6,81 (.Camshare Inc..) P2 - FPN:Firefox Plugin Navigator . (.Ganymede Technologies - Ganymede Technologies.) -- C:\Program Files\Mozilla Firefox\Plugins\NPCARDS.dll P2 - FPN:Firefox Plugin Navigator . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0042.0.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll P2 - FPN:Firefox Plugin Navigator . (.Pando Networks - Pando Web Installer.) -- C:\Program Files\Mozilla Firefox\Plugins\npPandoWebInst.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16297.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@canalplus.fr/Assistants VOD,version=1.0.0.0] - (.Canal+ Active - npCpVod.) -- C:\Program Files\Canal\Canal Widget\VOD\npcpvod.dll P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (...) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll (.not file.) P2 - FPN: [HKLM] [@glowria.fr/FireVMGate] - (. Glowria - npFireVMGate.) -- C:\Program Files\Common Files\Glowria\npFireVMGate.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.0.0 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@nosltd.com/getPlus+®,version=1.6.2.97] - (.NOS Microsystems Ltd. - getplusplusadobe16297.) -- C:\Program Files\NOS\bin\np_gp.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.10] - (.the VideoLAN Team - Version 1.1.10, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKCU] [@megamedia/Megakey] - (...) -- C:\Users\Jérémy\AppData\Local\Megamedia\Megakey\npMegaPlugin.dll (.not file.) ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = MSN.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Bing R3 - URLSearchHook: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (...) (No version) -- (.not file.) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [00PCTFW] . (.PC Tools - PC Tools Firewall GUI.) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\CDisplay.lnk . (.David Ayton.) -- C:\Program Files\CDisplay\CDisplay.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\ClearProg.lnk . (.privat.) -- C:\Program Files\ClearProg\ClearProg.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\explorer - Raccourci.lnk . (.Microsoft Corporation.) -- C:\Windows\explorer.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\Format Factory.lnk . (.Free Time.) -- C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\Free Card Solitaire.lnk . (...) -- C:\Program Files\Free Card Solitaire\FreeCardSolitaire.exe (.not file.) O4 - Global Startup: C:\Users\Jérémy\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\MID 04112011 - Raccourci.lnk . (...) -- C:\Users\Jérémy\Documents\Downloads\Downloads\MID 04112011.pdf O4 - Global Startup: C:\Users\Jérémy\Desktop\Notepad++.lnk . (.Don HO [email protected].) -- C:\Program Files\Notepad++\notepad++.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\SFR Video Manager.lnk . (.Glowria.) -- C:\Program Files\SFR\SFR.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\Toolbar Cleaner.lnk . (...) -- C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\Uniblue RegistryBooster.lnk . (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\Update Checker.lnk . (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\Jérémy\Desktop\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk . (...) -- C:\Windows\System32\rundll32.exe O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Camfrog Video Chat 6.0.lnk . (.Camshare Inc..) -- C:\Program Files\Camfrog Video Chat\Camfrog Video Chat.exe O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Restart MiniLyrics.lnk . (...) -- C:\Program Files\Minilyrics\MLStart.exe O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk . (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\Launcher.exe O4 - Global Startup: C:\Users\Jérémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Initex Software - Proxifier Namespace Service Provider.) -- C:\Windows\system32\PrxerNsp.dll ~ Scan Winsock in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{168D3F95-661C-4F32-A14F-E3CA8C44A73B}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{168D3F95-661C-4F32-A14F-E3CA8C44A73B}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\system32\mshtml.dll O18 - Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} . (...) -- O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\system32\mshtml.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll ~ Scan Winlogon in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: FileOpenManagerSvc (FileOpenManagerSvc) . (.FileOpen Systems Inc. - FileOpen Manager Service (Hooker).) - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc32.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) . (.PC Tools - PC Tools Firewall Plus service.) - C:\Program Files\PC Tools Firewall Plus\FWService.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) . (.TOSHIBA Corporation - TOSHIBA Navi Support Service.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation - TosIPCSrv.exe.) - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cc92a2347ffa26.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{53EA0F01-CCF3-49F5-9629-57C140689B59}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{32C5F049-D596-49F1-8BB7-D09C3F529815}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{A3E91B61-3BAE-408A-9CC2-5E4B09A99B67}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{D96FE6C3-127C-47D4-B13B-E64A70DC9348}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{F2C0A09A-CCD1-4F50-A560-CB4B2B98044C}.job ~ Scan Scheduled Task in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: (pctgntdi) . (.PC Tools - PC Tools Generic TDI Driver.) - C:\Windows\system32\drivers\pctgntdi.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: (RtlProt) . (.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - C:\Windows\system32\DRIVERS\rtlprot.sys O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader X (10.1.1) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA1000000001} O42 - Logiciel: Adobe Reader X (10.1.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CDisplay 1.8 - (.dvd8n.) [HKLM] -- CDisplay_is1 O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95-A39968DD7960} O42 - Logiciel: Camfrog Video Chat 6.0 - (.Camshare Inc..) [HKLM] -- Camfrog 6.0 O42 - Logiciel: Camfrog Web Advanced 2.0 ActiveX Plugin (remove only) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU2 O42 - Logiciel: CamfrogWEB Advanced ActiveX Plugin (remove only) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU O42 - Logiciel: ClearProg 1.6.0 Final - (.Sven Hoffman.) [HKLM] -- ClearProg O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] -- {F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485} O42 - Logiciel: Desktop SMS - (.IDM.) [HKLM] -- {5980B928-1C95-4B3E-957B-B02D8147FF9E} O42 - Logiciel: Désinstallation du SFR Video Manager - (.Pas de propriétaire.) [HKLM] -- SFR O42 - Logiciel: Feedback Tool - (.Microsoft Corporation.) [HKLM] -- {13A5E785-5197-4EAD-8EE3-D660271E49BC} O42 - Logiciel: FileHippo.com Update Checker - (.Pas de propriétaire.) [HKLM] -- FileHippo.com O42 - Logiciel: FileOpen Client - (.FileOpen Systems, Inc..) [HKLM] -- {ABC082A6-A587-493C-83C1-5F2C60A8BAA8} O42 - Logiciel: FormatFactory 2.70 - (.Free Time.) [HKLM] -- FormatFactory O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Désactivation du cookie publicitaire - (.Google Inc.) [HKLM] -- {F23785D1-8C3C-44A1-A765-13E1F4870223} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6 - (.HP.) [HKLM] -- {722B4A13-F24D-43AE-8813-5DB82C0B23C2} O42 - Logiciel: HP Print Projects 1.0 - (.HP.) [HKLM] -- HP Print Projects O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {818ABC3C-635C-4651-8183-D0E9640B7DD1} O42 - Logiciel: HTML Help Workshop - (.Pas de propriétaire.) [HKLM] -- HTML Help Workshop O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI O42 - Logiciel: Intel® Matrix Storage Manager - (.Pas de propriétaire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Java 6 Update 22 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0} O42 - Logiciel: Java 6 Update 26 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF} O42 - Logiciel: Java 7 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217000FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: Lecteur CANAL - (.CanalPlus.) [HKLM] -- {04DA096D-6236-4A5D-8FB6-3081E67009BA} O42 - Logiciel: Lecteur CANALPLAY 2.4 - (.Canal+ Distribution.) [HKLM] -- {E9E37358-E3E1-47BA-9E21-375EF3616BC9} O42 - Logiciel: Lyrics Plugin for Windows Media Player - (.Lyrics Plugin.) [HKLM] -- {43002AE2-4093-49E0-A03D-990EE184C568} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Manuels TOSHIBA - (.TOSHIBA.) [HKLM] -- {5B1DD5AA-FF34-4D6E-A912-CB46BB7378DC} O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM] -- {50816F92-1652-4A7C-B9BC-48F682742C4B} O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Minilyrics(remove only) - (.Pas de propriétaire.) [HKLM] -- MiniLyrics O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Moniteur neufbox - (.Pas de propriétaire.) [HKCU] -- Moniteur neufbox O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr) O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++ O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {05653DE1-6567-40C6-B930-39D399B64369} O42 - Logiciel: PC Tools Firewall Plus 7.0 - (.PC Tools.) [HKLM] -- PC Tools Firewall Plus O42 - Logiciel: Proxifier version 2.91 - (.Initex Software.) [HKLM] -- Proxifier_is1 O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C} O42 - Logiciel: REALTEK RTL8187B Wireless LAN Driver - (.Pas de propriétaire.) [HKLM] -- {895722FE-25FE-4854-95AC-B0C42F9DBEDA} O42 - Logiciel: Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D} O42 - Logiciel: Realtek WiFi Protected Setup Library - (.REALTEK Semiconductor Corp..) [HKLM] -- {02CA24DD-C8B0-4280-BE53-7862869C2EB1} O42 - Logiciel: Réducteur de bruit du lecteur de CD/DVD - (.TOSHIBA.) [HKLM] -- {9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D} O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit O42 - Logiciel: SFR - Mediacenter Evolution - (.SFR.) [HKLM] -- SFR_Mediacenter Evolution O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} O42 - Logiciel: Songbird 1.9.3 (Build 1959) - (.Pas de propriétaire.) [HKLM] -- Songbird-release-1959 O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 8 - (.Adobe Systems.) [HKLM] -- {AC76BA86-7AD7-5464-3428-800000000003} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67} O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM] -- {78C6A78A-8B03-48C8-A47C-78BA1FCA2307} O42 - Logiciel: TOSHIBA DVD PLAYER - (.TOSHIBA Corporation.) [HKLM] -- {6C5F3BDC-0A1B-4436-A696-5939629D5C31} O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0} O42 - Logiciel: TOSHIBA Extended Tiles for Windows Mobility Center - (.Toshiba.) [HKLM] -- InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF} O42 - Logiciel: TOSHIBA Hardware Setup - (.Pas de propriétaire.) [HKLM] -- {2883F6F5-0509-43F3-868C-D50330DD9DD3} O42 - Logiciel: TOSHIBA Recovery Disc Creator - (.TOSHIBA.) [HKLM] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} O42 - Logiciel: TOSHIBA Supervisor Password - (.Pas de propriétaire.) [HKLM] -- {4B1E87C3-00DE-4898-8E39-E390AAEF2391} O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8} O42 - Logiciel: TRDCReminder - (.TOSHIBA.) [HKLM] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492} O42 - Logiciel: TRORDCLauncher - (.TOSHIBA.) [HKLM] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600} O42 - Logiciel: Toolbar Cleaner 1.0 - (.Visicom Media Inc..) [HKLM] -- Toolbar Cleaner O42 - Logiciel: Toshiba Online Product Information - (.TOSHIBA.) [HKLM] -- {2290A680-4083-410A-ADCC-7092C67FC052} O42 - Logiciel: Uniblue DriverScanner - (.Uniblue Systems Ltd.) [HKLM] -- {C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1 O42 - Logiciel: Uniblue PowerSuite - (.Uniblue Systems Ltd.) [HKLM] -- {793A260C-CDBF-499C-ABBA-B51E8E076867}_is1 O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- Uniblue RegistryBooster O42 - Logiciel: Uniblue SpeedUpMyPC - (.Uniblue Systems Ltd.) [HKLM] -- {E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523 O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27} O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 O42 - Logiciel: Visual IP Locator v1.4.0 - (.Pas de propriétaire.) [HKLM] -- Visual IP Locator v1.4.0 O42 - Logiciel: Webcam 1200 - (.Logitech.) [HKLM] -- {66D475AE-F18B-43A0-8BAF-61AF4403E339} O42 - Logiciel: WinRAR 4.10 beta 1 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: WinTask 3.7a - (.TaskWare.) [HKLM] -- {15A6D20D-E6A1-49AE-8BCA-CFBCF25DE5FD} O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {FE044230-9CA5-43F7-9B58-5AC5A28A1F33} O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {759142E8-25B0-42AE-B408-4215065D3F4B} O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {BCF16F16-AC0E-4ABE-A9EF-412CF484BA51} O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {C861504E-2F57-4F95-AB0A-C7C7D8E46A4E} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {C6150D8A-86ED-41D3-87BB-F3BB51B0B77F} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {C66824E4-CBB3-4851-BB3F-E8CFD6350923} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {A0C91188-C88F-4E86-93E6-CD7C9A266649} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48} O42 - Logiciel: Windows Live Mesh ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] -- {2902F983-B4C1-44BA-B85D-5C6D52E2C441} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11} O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {19BA08F7-C728-469C-8A35-BFBD3633BE08} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38} O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- Windows Live OneCare safety scanner O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- {FE0646A7-19D0-41B4-A2BB-2C35D644270D} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {D436F577-1695-4D2F-8B44-AC76C99E0002} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {34F4D9A4-42C2-4348-BEF4-E553C84549E7} O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF} O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {464B3406-A4D0-4914-910F-7CA4380DCC13} O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C} O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0} O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {17504ED4-DB08-40A8-81C2-27D8C01581DA} O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAF454FC-82CA-4F29-AB31-6A109485E76E} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {DDC8BDEE-DCAC-404D-8257-3E8D4B782467} O42 - Logiciel: Windows Mail Recovery v.1.1 - (.NSoftware.) [HKLM] -- Windows Mail Recovery_is1 O42 - Logiciel: Xvid 1.2.2 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1 O42 - Logiciel: uTorrentBar_FR Toolbar - (.uTorrentBar_FR.) [HKLM] -- uTorrentBar_FR Toolbar ---\\ HKCU & HKLM Software Keys [HKCU\Software\ACP] [HKCU\Software\ASProtect] [HKCU\Software\AVS4YOU] [HKCU\Software\Adobe] [HKCU\Software\AhnLab] [HKCU\Software\Ahusoft] [HKCU\Software\Almaz Gaifullin] [HKCU\Software\AnyBizSoft] [HKCU\Software\AppDataLow\ISWVolatile] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\DivXNetworks] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow\Software\cooliris] [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow\Software\uTorrentBar_FR] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Applications WinDev] [HKCU\Software\AutomateBuilder] [HKCU\Software\Avira] [HKCU\Software\Belarc] [HKCU\Software\Binary Noise] [HKCU\Software\BitDefender] [HKCU\Software\BitTorrent] [HKCU\Software\Borland] [HKCU\Software\CDDB] [HKCU\Software\CDisplay] [HKCU\Software\CEC_CM_SW] [HKCU\Software\CLSID] [HKCU\Software\CTPW Data] [HKCU\Software\CamfrogWEBAdvanced] [HKCU\Software\CamfrogWeb] [HKCU\Software\Camfrog] [HKCU\Software\Canal+ Active] [HKCU\Software\Classes.crx] [HKCU\Software\Classes] [HKCU\Software\ClearProg] [HKCU\Software\Clementine] [HKCU\Software\Clients] [HKCU\Software\Convar] [HKCU\Software\CoreAAC] [HKCU\Software\CrystalIdea Software] [HKCU\Software\DFX] [HKCU\Software\DT Soft] [HKCU\Software\Digital River] [HKCU\Software\Ditto] [HKCU\Software\DivXNetworks] [HKCU\Software\Dx6.2] [HKCU\Software\EA Sports] [HKCU\Software\EASEUS] [HKCU\Software\Electronic Arts] [HKCU\Software\F-Secure] [HKCU\Software\FileHippo.com] [HKCU\Software\FileMaker] [HKCU\Software\FileOpen] [HKCU\Software\FreeTime] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Gadwin Systems] [HKCU\Software\GanymedeNet] [HKCU\Software\Garmin] [HKCU\Software\Google] [HKCU\Software\Greatis] [HKCU\Software\HP] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IDM] [HKCU\Software\IM Providers] [HKCU\Software\Informer Technologies, Inc.] [HKCU\Software\Initex Software] [HKCU\Software\Intel] [HKCU\Software\InterVideo] [HKCU\Software\JavaSoft] [HKCU\Software\Jjvkpcpg] [HKCU\Software\Jouve] [HKCU\Software\KC Softwares] [HKCU\Software\Kommute] [HKCU\Software\Lavalys] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Lyrics Plugin] [HKCU\Software\Macromedia] [HKCU\Software\Macrovision] [HKCU\Software\Magnet] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MimarSinan] [HKCU\Software\MiniLyrics] [HKCU\Software\Mirabilis] [HKCU\Software\Mozilla Backup] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Multi File Downloader] [HKCU\Software\MyCompany] [HKCU\Software\NASA] [HKCU\Software\Netscape] [HKCU\Software\Network Automation] [HKCU\Software\Neuf] [HKCU\Software\Nicolas Vannier] [HKCU\Software\NoNonsense] [HKCU\Software\ODBC] [HKCU\Software\OpenOffice.org] [HKCU\Software\PC SOFT] [HKCU\Software\PCTools] [HKCU\Software\Permeo Technologies] [HKCU\Software\Pinnacle Systems] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RAD Game Tools] [HKCU\Software\RapidSolution] [HKCU\Software\RayV] [HKCU\Software\RealNetworks] [HKCU\Software\Recoveronix] [HKCU\Software\Rep-Listing] [HKCU\Software\SFR] [HKCU\Software\SHOUTcast] [HKCU\Software\SST Incorporated] [HKCU\Software\SUPERAntiSpyware.com] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SecuROM] [HKCU\Software\Secunia] [HKCU\Software\Siber Systems] [HKCU\Software\Skype] [HKCU\Software\SoftBulldog] [HKCU\Software\Softonic] [HKCU\Software\Songbird] [HKCU\Software\StarSynergy] [HKCU\Software\Stardock] [HKCU\Software\Strius] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\TOSHIBA] [HKCU\Software\TVANTS] [HKCU\Software\TaskWare] [HKCU\Software\TeamViewer] [HKCU\Software\ToolbarCleaner] [HKCU\Software\Trolltech] [HKCU\Software\TuneUp] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Veoh] [HKCU\Software\W3i, LLC] [HKCU\Software\WideStream] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\WsAudio_DeviceS(1)] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Zone Labs] [HKCU\Software\ej-technologies] [HKCU\Software\geissplugin] [HKCU\Software\keyhole.com] [HKCU\Software\www.VictorGSM.net] [HKCU\Software\xp-AntiSpy] [HKLM\Software\AVS4YOU] [HKLM\Software\Adobe] [HKLM\Software\Ahnlab] [HKLM\Software\America Online] [HKLM\Software\AnyBizSoft] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\AviSynth] [HKLM\Software\Avira] [HKLM\Software\Belarc] [HKLM\Software\Borland] [HKLM\Software\CDDB] [HKLM\Software\CUSTPDF Writer] [HKLM\Software\CXT] [HKLM\Software\Canal+ Active] [HKLM\Software\CheckPoint] [HKLM\Software\Chicony Electronics Co.,Ltd.] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Common Toolkit Suite] [HKLM\Software\Conexant Systems] [HKLM\Software\Conexant] [HKLM\Software\DFX] [HKLM\Software\DT Soft] [HKLM\Software\Daniusoft] [HKLM\Software\DivXNetworks] [HKLM\Software\EA SPORTS] [HKLM\Software\Electronic Arts] [HKLM\Software\Elf_1.15] [HKLM\Software\Eset] [HKLM\Software\GNU] [HKLM\Software\GPL Ghostscript] [HKLM\Software\Google] [HKLM\Software\Greatis] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IDM] [HKLM\Software\Initex Software] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\Jjvkpcpg] [HKLM\Software\Jouve] [HKLM\Software\JreMetrics] [HKLM\Software\KC Softwares] [HKLM\Software\LG PC Suite2] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\McAfee.com] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NOS] [HKLM\Software\Network Automation] [HKLM\Software\Neuf] [HKLM\Software\Nullsoft] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\PCTools] [HKLM\Software\Panda Software] [HKLM\Software\PegasusImaging] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RAD Game Tools] [HKLM\Software\RTLSetup] [HKLM\Software\RapidSolution] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek USB 2.0 Card Reader] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Returnil] [HKLM\Software\RtWLan] [HKLM\Software\S3R521] [HKLM\Software\SRS Labs] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\Safer Networking Limited] [HKLM\Software\ScanSoft] [HKLM\Software\Secunia] [HKLM\Software\SecureDigitalServices] [HKLM\Software\Siber Systems] [HKLM\Software\Songbird] [HKLM\Software\Stardock] [HKLM\Software\Suyin Optronics Corp] [HKLM\Software\Swearware] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\Sys Modules] [HKLM\Software\TOSHIBA] [HKLM\Software\TaskWare] [HKLM\Software\TrendMicro] [HKLM\Software\TuneUp] [HKLM\Software\Ulead Systems] [HKLM\Software\Uniblue] [HKLM\Software\VictorGSM] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\W3i] [HKLM\Software\WOW6432Node] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wise Solutions] [HKLM\Software\X-AVCSD] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\Zone Labs] [HKLM\Software\afplanet] [HKLM\Software\instinno] [HKLM\Software\mozilla.org] [HKLM\Software\uTorrentBar_FR] [HKLM\Software\vectrics] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 4/18/2011 - 17:37:20 - [217088358] ----D- C:\Program Files\Adobe O43 - CFD: 1/19/2010 - 09:53:30 - [41648511] ----D- C:\Program Files\adslTV O43 - CFD: 10/19/2009 - 07:33:00 - [60460859] ----D- C:\Program Files\AhnLab O43 - CFD: 4/22/2011 - 09:45:08 - [0] ----D- C:\Program Files\AnglaisFacile.com O43 - CFD: 8/7/2009 - 14:45:24 - [2221118] ----D- C:\Program Files\Apple Software Update O43 - CFD: 11/14/2010 - 17:21:20 - [149951293] ----D- C:\Program Files\Avira O43 - CFD: 10/11/2011 - 21:21:56 - [1123912] ----D- C:\Program Files\AVS4YOU O43 - CFD: 11/17/2010 - 08:43:00 - [64838844] ----D- C:\Program Files\Camera Assistant Software for Toshiba O43 - CFD: 4/7/2011 - 18:16:22 - [16773297] ----D- C:\Program Files\Camfrog Video Chat O43 - CFD: 2/7/2009 - 15:24:40 - [4096215] ----D- C:\Program Files\Canal O43 - CFD: 10/26/2011 - 11:18:08 - [4233624] ----D- C:\Program Files\CCleaner O43 - CFD: 6/23/2011 - 23:48:48 - [2044187] ----D- C:\Program Files\CDisplay O43 - CFD: 5/8/2011 - 08:28:20 - [16886518] ----D- C:\Program Files\CFWebAdvancedU2 O43 - CFD: 12/1/2010 - 08:50:26 - [402413] ----D- C:\Program Files\CheckPoint O43 - CFD: 6/24/2011 - 17:30:58 - [647731] ----D- C:\Program Files\ClearProg O43 - CFD: 7/28/2011 - 17:43:24 - [632824261] ----D- C:\Program Files\Common Files O43 - CFD: 9/9/2010 - 08:14:50 - [304608] ----D- C:\Program Files\DIFX O43 - CFD: 7/13/2009 - 17:51:58 - [406656] ----D- C:\Program Files\DNA O43 - CFD: 3/21/2009 - 21:39:18 - [1748992] ----D- C:\Program Files\ELIXIS O43 - CFD: 2/16/2011 - 17:35:36 - [2394144] ----D- C:\Program Files\Feedback Tool O43 - CFD: 11/21/2008 - 15:12:38 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 7/13/2011 - 18:19:40 - [381086] ----D- C:\Program Files\FileHippo.com O43 - CFD: 4/15/2011 - 08:39:58 - [886664] ----D- C:\Program Files\FileOpen O43 - CFD: 7/27/2011 - 15:12:16 - [12612481] ----D- C:\Program Files\Free mp3 Wma Converter O43 - CFD: 7/22/2011 - 11:09:54 - [105248707] ----D- C:\Program Files\FreeTime O43 - CFD: 3/27/2011 - 22:20:14 - [376510474] ----D- C:\Program Files\Google O43 - CFD: 8/5/2010 - 13:55:08 - [196439049] ----D- C:\Program Files\HP O43 - CFD: 9/16/2009 - 19:51:54 - [3982892] ----D- C:\Program Files\HTML Help Workshop O43 - CFD: 2/15/2008 - 15:29:10 - [15909978] ----D- C:\Program Files\IDM O43 - CFD: 9/28/2009 - 16:04:32 - [842198] ----D- C:\Program Files\IEPro O43 - CFD: 4/22/2011 - 17:35:20 - [141427916] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 11/21/2008 - 15:04:36 - [38935307] ----D- C:\Program Files\Intel O43 - CFD: 10/13/2011 - 04:39:48 - [6490044] ----D- C:\Program Files\Internet Explorer O43 - CFD: 2/15/2008 - 15:14:16 - [23151528] ----D- C:\Program Files\InterVideo O43 - CFD: 9/5/2011 - 12:57:02 - [280044672] ----D- C:\Program Files\Java O43 - CFD: 10/22/2009 - 19:28:04 - [10254287] ----D- C:\Program Files\Lecteur CANALPLAY O43 - CFD: 11/2/2011 - 09:22:40 - [7037566] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 4/7/2010 - 12:58:18 - [4666344] ----D- C:\Program Files\Messenger Plus! Live O43 - CFD: 7/14/2011 - 08:19:36 - [0] ----D- C:\Program Files\Microsoft O43 - CFD: 5/2/2010 - 05:05:02 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 11/2/2006 - 13:35:52 - [518] ----D- C:\Program Files\Microsoft Games O43 - CFD: 7/14/2011 - 08:21:54 - [0] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 4/10/2009 - 23:03:12 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 9/14/2010 - 02:02:22 - [15715] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 4/1/2011 - 14:14:08 - [5066434] ----D- C:\Program Files\Minilyrics O43 - CFD: 5/26/2009 - 20:19:58 - [7702747] ----D- C:\Program Files\Moniteur neufbox O43 - CFD: 8/12/2010 - 04:47:18 - [20470054] ----D- C:\Program Files\Movie Maker O43 - CFD: 11/2/2011 - 18:44:20 - [38829354] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 11/2/2006 - 13:35:52 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 7/12/2009 - 19:03:36 - [28077075] ----D- C:\Program Files\MSECache O43 - CFD: 5/9/2009 - 10:34:08 - [18960593] ----D- C:\Program Files\Neuf O43 - CFD: 1/19/2011 - 14:11:58 - [74336] ----D- C:\Program Files\NOS O43 - CFD: 7/13/2011 - 18:23:38 - [14360284] ----D- C:\Program Files\Notepad++ O43 - CFD: 4/18/2011 - 18:49:24 - [408238496] ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 8/22/2011 - 10:44:08 - [28394828] ----D- C:\Program Files\PC Tools Firewall Plus O43 - CFD: 9/28/2009 - 15:58:14 - [1129788] ----D- C:\Program Files\Power IE O43 - CFD: 4/8/2011 - 17:29:48 - [6416120] ----D- C:\Program Files\Prevx O43 - CFD: 3/28/2011 - 14:01:30 - [2170290] ----D- C:\Program Files\Proxifier O43 - CFD: 3/3/2011 - 16:49:18 - [76502779] ----D- C:\Program Files\QuickTime O43 - CFD: 11/21/2008 - 15:21:34 - [24682747] ----D- C:\Program Files\Realtek O43 - CFD: 11/21/2008 - 15:19:56 - [850757] ----D- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver O43 - CFD: 11/2/2006 - 13:35:52 - [38694657] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 10/26/2009 - 14:35:00 - [15697422] ----D- C:\Program Files\ScanSoft O43 - CFD: 12/25/2010 - 16:37:02 - [3700971] ----D- C:\Program Files\Secunia O43 - CFD: 11/5/2011 - 09:25:34 - [50850583] ----D- C:\Program Files\SFR O43 - CFD: 3/15/2011 - 09:24:48 - [59818360] ----D- C:\Program Files\Songbird O43 - CFD: 11/4/2011 - 16:41:42 - [54934124] ----D- C:\Program Files\Spybot - Search & Destroy O43 - CFD: 10/26/2011 - 10:37:14 - [73902015] ----D- C:\Program Files\SUPERAntiSpyware O43 - CFD: 2/15/2008 - 14:54:58 - [15544054] ----D- C:\Program Files\Synaptics O43 - CFD: 4/28/2011 - 21:54:30 - [577148] ----D- C:\Program Files\Toolbar Cleaner O43 - CFD: 10/15/2009 - 13:59:10 - [211292262] ----D- C:\Program Files\TOSHIBA O43 - CFD: 12/20/2008 - 22:25:18 - [801] ----D- C:\Program Files\Toshiba TEMPRO O43 - CFD: 11/5/2011 - 09:58:50 - [27642462] ----D- C:\Program Files\trend micro O43 - CFD: 2/15/2008 - 15:10:18 - [421716899] ----D- C:\Program Files\Ulead Systems O43 - CFD: 7/14/2011 - 05:45:34 - [81777644] ----D- C:\Program Files\Uniblue O43 - CFD: 11/2/2006 - 13:58:20 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 4/14/2011 - 06:03:38 - [223469] ----D- C:\Program Files\uTorrentBar_FR O43 - CFD: 11/26/2009 - 19:47:08 - [84966644] ----D- C:\Program Files\VideoLAN O43 - CFD: 6/24/2011 - 17:38:20 - [599767] ----D- C:\Program Files\Visual IP Locator O43 - CFD: 4/15/2011 - 12:51:22 - [0] ----D- C:\Program Files\VS Revo Group O43 - CFD: 10/18/2009 - 17:34:04 - [6347732] ----D- C:\Program Files\Webcam 1200 O43 - CFD: 7/29/2011 - 12:38:20 - [17051426] ----D- C:\Program Files\Winamp O43 - CFD: 9/16/2009 - 20:00:22 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 9/16/2009 - 20:00:22 - [2737152] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 9/16/2009 - 20:00:20 - [4490624] ----D- C:\Program Files\Windows Defender O43 - CFD: 7/14/2011 - 08:14:04 - [208340514] ----D- C:\Program Files\Windows Live O43 - CFD: 8/26/2009 - 23:10:16 - [33023766] ----D- C:\Program Files\Windows Live Safety Center O43 - CFD: 10/13/2011 - 04:39:48 - [8935608] ----D- C:\Program Files\Windows Mail O43 - CFD: 3/5/2011 - 11:37:22 - [827801] ----D- C:\Program Files\Windows Mail Recovery O43 - CFD: 3/15/2011 - 19:42:02 - [4766921] ----D- C:\Program Files\Windows Media Player O43 - CFD: 11/21/2008 - 15:12:38 - [7957544] ----D- C:\Program Files\Windows NT O43 - CFD: 9/16/2009 - 20:00:22 - [8228002] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 10/30/2009 - 11:56:30 - [134144] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 7/27/2011 - 15:13:40 - [1659488] ----D- C:\Program Files\Windows Searchqu Toolbar O43 - CFD: 9/16/2009 - 20:00:22 - [6887473] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 10/12/2011 - 21:44:04 - [4064117] ----D- C:\Program Files\WinRAR O43 - CFD: 8/22/2011 - 20:41:12 - [735304] ----D- C:\Program Files\Xvid O43 - CFD: 11/6/2011 - 12:17:58 - [4289657] ----D- C:\Program Files\ZHPDiag O43 - CFD: 6/18/2011 - 19:56:36 - [3606170] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 10/19/2009 - 07:50:52 - [19444833] ----D- C:\Program Files\Common Files\AhnLab O43 - CFD: 10/17/2009 - 12:01:50 - [93314306] ----D- C:\Program Files\Common Files\Apple O43 - CFD: 7/13/2011 - 18:17:48 - [2975744] ----D- C:\Program Files\Common Files\AVSMedia O43 - CFD: 5/5/2010 - 10:03:52 - [7675825] ----D- C:\Program Files\Common Files\Borland Shared O43 - CFD: 9/29/2009 - 11:46:52 - [102997] ----D- C:\Program Files\Common Files\Cisco Systems O43 - CFD: 11/22/2009 - 19:41:42 - [1417637] ----D- C:\Program Files\Common Files\DFX O43 - CFD: 10/22/2009 - 19:08:28 - [90112] ----D- C:\Program Files\Common Files\Glowria O43 - CFD: 9/15/2009 - 13:41:46 - [531477] ----D- C:\Program Files\Common Files\Hewlett-Packard O43 - CFD: 9/16/2009 - 11:04:04 - [1804764] ----D- C:\Program Files\Common Files\HP O43 - CFD: 10/26/2009 - 14:34:22 - [11756681] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 9/5/2011 - 12:58:26 - [41686172] ----D- C:\Program Files\Common Files\Java O43 - CFD: 4/7/2010 - 13:00:00 - [21733941] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 1/22/2010 - 10:34:14 - [0] ----D- C:\Program Files\Common Files\NSV O43 - CFD: 5/11/2011 - 07:14:00 - [4950450] ----D- C:\Program Files\Common Files\PC Tools O43 - CFD: 8/22/2011 - 20:41:10 - [4405584] ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 8/23/2010 - 12:49:00 - [0] ----D- C:\Program Files\Common Files\Real O43 - CFD: 11/2/2006 - 12:18:34 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 11/2/2006 - 12:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 9/16/2009 - 20:00:22 - [15066498] ----D- C:\Program Files\Common Files\System O43 - CFD: 2/15/2008 - 15:16:44 - [1374029] ----D- C:\Program Files\Common Files\Toshiba Shared O43 - CFD: 2/15/2008 - 15:14:04 - [21678602] ----D- C:\Program Files\Common Files\Ulead Systems O43 - CFD: 1/27/2009 - 00:26:08 - [314230507] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 11/24/2008 - 19:30:22 - [19087831] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller O43 - CFD: 1/14/2011 - 07:40:56 - [4785664] ----D- C:\Program Files\Common Files\Wise Installation Wizard O43 - CFD: 2/27/2009 - 18:25:02 - [2242] ----D- C:\ProgramData\0320 O43 - CFD: 3/20/2009 - 12:45:18 - [2242] ----D- C:\ProgramData\1053 O43 - CFD: 3/7/2009 - 19:04:40 - [2242] ----D- C:\ProgramData\27E9 O43 - CFD: 2/27/2009 - 22:59:54 - [2242] ----D- C:\ProgramData\3418C O43 - CFD: 3/10/2009 - 20:25:08 - [2242] ----D- C:\ProgramData\6186 O43 - CFD: 3/27/2009 - 20:11:26 - [787] ----D- C:\ProgramData\Acronis O43 - CFD: 10/12/2011 - 21:37:18 - [138344334] ----D- C:\ProgramData\Adobe O43 - CFD: 8/7/2009 - 14:44:26 - [60814336] ----D- C:\ProgramData\Apple O43 - CFD: 10/17/2009 - 12:10:00 - [54790656] ----D- C:\ProgramData\Apple Computer O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 11/14/2010 - 17:21:20 - [3067838] ----D- C:\ProgramData\Avira O43 - CFD: 2/16/2009 - 18:34:06 - [708] ----D- C:\ProgramData\Blizzard O43 - CFD: 7/27/2011 - 15:46:58 - [24] ----D- C:\ProgramData\boost_interprocess O43 - CFD: 11/21/2008 - 15:12:38 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 12/1/2010 - 08:48:14 - [4212] ----D- C:\ProgramData\CheckPoint O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 11/22/2009 - 19:43:02 - [62] ----D- C:\ProgramData\DFX O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 3/25/2010 - 10:33:04 - [7258112] ----D- C:\ProgramData\Downloaded Installations O43 - CFD: 3/4/2009 - 23:00:16 - [2242] ----D- C:\ProgramData\E2CB O43 - CFD: 9/14/2009 - 11:46:14 - [1708032] ----D- C:\ProgramData\EmailNotifier O43 - CFD: 11/21/2008 - 15:12:38 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 9/13/2009 - 17:32:58 - [949670] ----D- C:\ProgramData\Fighters O43 - CFD: 4/15/2011 - 08:39:56 - [1066560] ----D- C:\ProgramData\FileOpen O43 - CFD: 3/27/2011 - 18:39:02 - [927968] ----D- C:\ProgramData\Google O43 - CFD: 9/16/2009 - 11:10:58 - [17729086] ----D- C:\ProgramData\HP O43 - CFD: 9/16/2009 - 11:10:48 - [8988] ----D- C:\ProgramData\HP Product Assistant O43 - CFD: 12/20/2008 - 22:25:44 - [5677] ----D- C:\ProgramData\IsolatedStorage O43 - CFD: 11/11/2009 - 14:29:30 - [17235209] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 12/2/2010 - 17:02:16 - [0] ----D- C:\ProgramData\McAfee O43 - CFD: 11/21/2008 - 15:12:38 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 7/14/2011 - 08:19:36 - [76591900] -S--D- C:\ProgramData\Microsoft O43 - CFD: 3/27/2009 - 19:13:42 - [57030] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 11/21/2008 - 15:12:38 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 1/14/2011 - 07:36:34 - [1189517] ----D- C:\ProgramData\Network Automation O43 - CFD: 1/19/2011 - 14:15:50 - [319618] ----D- C:\ProgramData\NOS O43 - CFD: 11/30/2009 - 15:27:58 - [26316] ----D- C:\ProgramData\Pinnacle O43 - CFD: 6/29/2011 - 16:51:54 - [219938] ----D- C:\ProgramData\PrevxCSI O43 - CFD: 2/11/2011 - 14:55:56 - [57986048] ----D- C:\ProgramData\Readon O43 - CFD: 6/1/2010 - 20:18:04 - [1157] ----D- C:\ProgramData\Real O43 - CFD: 12/29/2008 - 11:19:24 - [24] ----D- C:\ProgramData\SFR O43 - CFD: 6/30/2011 - 08:28:38 - [61178137] ----D- C:\ProgramData\Skype O43 - CFD: 11/5/2011 - 20:38:18 - [8888] ----D- C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 5/10/2010 - 09:28:30 - [362] ----D- C:\ProgramData\Sun O43 - CFD: 7/13/2011 - 18:45:24 - [97344802] ----D- C:\ProgramData\SUPERAntiSpyware.com O43 - CFD: 3/24/2010 - 09:38:38 - [155] ----D- C:\ProgramData\Symantec O43 - CFD: 11/6/2011 - 06:13:44 - [0] ---AD- C:\ProgramData\TEMP O43 - CFD: 11/2/2006 - 13:59:46 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 6/1/2010 - 20:18:04 - [1024] ----D- C:\ProgramData\TOSHIBA O43 - CFD: 11/21/2008 - 15:16:44 - [774] ----D- C:\ProgramData\ToshibaEurope O43 - CFD: 2/15/2008 - 15:13:14 - [220835] ----D- C:\ProgramData\Ulead Systems O43 - CFD: 7/14/2011 - 07:30:18 - [0] ----D- C:\ProgramData\Uniblue O43 - CFD: 9/16/2009 - 11:16:04 - [213] ----D- C:\ProgramData\WEBREG O43 - CFD: 11/12/2009 - 22:59:50 - [2492] ----D- C:\ProgramData\Windows Genuine Advantage O43 - CFD: 11/23/2009 - 10:11:24 - [50] ----D- C:\ProgramData\WinZip O43 - CFD: 12/28/2008 - 13:55:42 - [570478] ----D- C:\ProgramData\WLInstaller O43 - CFD: 10/26/2011 - 11:02:06 - [0] ----D- C:\ProgramData\ZA_PreservedFiles O43 - CFD: 3/29/2011 - 15:46:48 - [18472960] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} O43 - CFD: 10/23/2011 - 05:39:58 - [7938842] --H-D- C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42} O43 - CFD: 3/20/2009 - 18:39:00 - [17196032] -SH-D- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357} O43 - CFD: 8/7/2009 - 14:57:50 - [3350] ----D- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} O43 - CFD: 7/13/2011 - 18:11:36 - [8431268] --H-D- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} O43 - CFD: 2/4/2010 - 21:16:28 - [17246208] -SH-D- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} O43 - CFD: 11/20/2010 - 13:55:14 - [19440542] ----D- C:\Users\Jérémy\AppData\Roaming\Adobe O43 - CFD: 8/7/2009 - 15:02:20 - [1166298] ----D- C:\Users\Jérémy\AppData\Roaming\Apple Computer O43 - CFD: 12/5/2010 - 12:55:14 - [1492700] ----D- C:\Users\Jérémy\AppData\Roaming\Auslogics O43 - CFD: 11/14/2010 - 17:24:34 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\Avira O43 - CFD: 10/11/2011 - 21:26:56 - [154300] ----D- C:\Users\Jérémy\AppData\Roaming\Camfrog O43 - CFD: 5/7/2011 - 13:09:52 - [4486440] ----D- C:\Users\Jérémy\AppData\Roaming\Camfrog Web O43 - CFD: 5/7/2011 - 13:16:22 - [1393948] ----D- C:\Users\Jérémy\AppData\Roaming\CamfrogWEB O43 - CFD: 12/1/2010 - 08:50:38 - [201352] ----D- C:\Users\Jérémy\AppData\Roaming\CheckPoint O43 - CFD: 12/2/2008 - 23:40:24 - [1782] ----D- C:\Users\Jérémy\AppData\Roaming\DesktopSMS O43 - CFD: 10/26/2011 - 10:57:24 - [33792] ----D- C:\Users\Jérémy\AppData\Roaming\Ditto O43 - CFD: 10/8/2011 - 18:41:32 - [199] ----D- C:\Users\Jérémy\AppData\Roaming\dvdcss O43 - CFD: 12/28/2010 - 10:20:08 - [540] ----D- C:\Users\Jérémy\AppData\Roaming\FileOpen O43 - CFD: 8/25/2009 - 07:46:20 - [3106] ----D- C:\Users\Jérémy\AppData\Roaming\GoodSync O43 - CFD: 11/22/2008 - 17:11:10 - [35709] ----D- C:\Users\Jérémy\AppData\Roaming\Google O43 - CFD: 3/31/2011 - 19:58:48 - [270] ----D- C:\Users\Jérémy\AppData\Roaming\GrabIt O43 - CFD: 9/16/2009 - 11:16:04 - [88150] ----D- C:\Users\Jérémy\AppData\Roaming\HP O43 - CFD: 2/9/2010 - 17:00:44 - [2048] ----D- C:\Users\Jérémy\AppData\Roaming\HPAppData O43 - CFD: 3/1/2010 - 10:13:32 - [37520] ----D- C:\Users\Jérémy\AppData\Roaming\HpUpdate O43 - CFD: 1/23/2010 - 12:07:54 - [228] ----D- C:\Users\Jérémy\AppData\Roaming\HTML Executable O43 - CFD: 11/21/2008 - 15:24:34 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\Identities O43 - CFD: 11/21/2008 - 15:19:36 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\InstallShield O43 - CFD: 11/16/2010 - 12:55:00 - [1493] ----D- C:\Users\Jérémy\AppData\Roaming\Macromedia O43 - CFD: 6/16/2011 - 10:05:12 - [7373] ----D- C:\Users\Jérémy\AppData\Roaming\Malwarebytes O43 - CFD: 11/20/2010 - 13:55:14 - [3344690] -S--D- C:\Users\Jérémy\AppData\Roaming\Microsoft O43 - CFD: 8/22/2011 - 20:41:14 - [40032] ----D- C:\Users\Jérémy\AppData\Roaming\MiniLyrics O43 - CFD: 3/30/2011 - 16:09:18 - [65536] ----D- C:\Users\Jérémy\AppData\Roaming\Miranda O43 - CFD: 4/18/2011 - 18:07:18 - [25624420] ----D- C:\Users\Jérémy\AppData\Roaming\Mozilla O43 - CFD: 11/30/2009 - 15:09:06 - [60] ----D- C:\Users\Jérémy\AppData\Roaming\MPEG Streamclip O43 - CFD: 11/25/2008 - 23:13:30 - [16889548] ----D- C:\Users\Jérémy\AppData\Roaming\myphotobook O43 - CFD: 10/12/2011 - 21:41:36 - [343779] ----D- C:\Users\Jérémy\AppData\Roaming\Notepad++ O43 - CFD: 12/3/2008 - 18:46:36 - [82798251] ----D- C:\Users\Jérémy\AppData\Roaming\OpenOffice.org O43 - CFD: 5/11/2011 - 07:14:48 - [1588] ----D- C:\Users\Jérémy\AppData\Roaming\PCToolsFirewallPlus O43 - CFD: 12/14/2010 - 17:02:30 - [160] ----D- C:\Users\Jérémy\AppData\Roaming\PMS O43 - CFD: 3/8/2011 - 17:43:16 - [20108301] ----D- C:\Users\Jérémy\AppData\Roaming\PPStream O43 - CFD: 12/21/2010 - 17:00:28 - [64089] ----D- C:\Users\Jérémy\AppData\Roaming\QuickScan O43 - CFD: 10/10/2011 - 16:23:22 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\RegistryKeys O43 - CFD: 5/12/2009 - 14:58:48 - [15600] R-H-D- C:\Users\Jérémy\AppData\Roaming\SecuROM O43 - CFD: 6/27/2011 - 21:45:44 - [2230878] ----D- C:\Users\Jérémy\AppData\Roaming\Skype O43 - CFD: 4/18/2011 - 15:02:04 - [30240] ----D- C:\Users\Jérémy\AppData\Roaming\skypePM O43 - CFD: 3/15/2011 - 09:24:58 - [48660221] ----D- C:\Users\Jérémy\AppData\Roaming\Songbird2 O43 - CFD: 5/1/2009 - 21:42:52 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\Sports Interactive O43 - CFD: 12/26/2010 - 07:50:08 - [9470] ----D- C:\Users\Jérémy\AppData\Roaming\Stardock O43 - CFD: 7/31/2011 - 14:48:22 - [89356957] ----D- C:\Users\Jérémy\AppData\Roaming\SUPERAntiSpyware(144).com O43 - CFD: 10/12/2011 - 21:28:04 - [118784] ----D- C:\Users\Jérémy\AppData\Roaming\SUPERAntiSpyware.com O43 - CFD: 1/25/2010 - 19:46:22 - [2400] ----D- C:\Users\Jérémy\AppData\Roaming\TeamViewer O43 - CFD: 12/1/2008 - 18:13:52 - [13824] ----D- C:\Users\Jérémy\AppData\Roaming\Template O43 - CFD: 7/29/2011 - 12:36:56 - [150111] ----D- C:\Users\Jérémy\AppData\Roaming\Todae O43 - CFD: 12/26/2008 - 20:03:04 - [14911] ----D- C:\Users\Jérémy\AppData\Roaming\Toshiba O43 - CFD: 11/25/2009 - 11:16:32 - [7021348] ----D- C:\Users\Jérémy\AppData\Roaming\U3 O43 - CFD: 7/14/2011 - 05:48:54 - [7263822] ----D- C:\Users\Jérémy\AppData\Roaming\Uniblue O43 - CFD: 8/22/2011 - 20:41:14 - [84447] ----D- C:\Users\Jérémy\AppData\Roaming\vlc O43 - CFD: 7/30/2011 - 08:07:42 - [4300265] ----D- C:\Users\Jérémy\AppData\Roaming\Winamp O43 - CFD: 12/30/2010 - 14:39:28 - [0] ----D- C:\Users\Jérémy\AppData\Roaming\Windows Live Writer O43 - CFD: 11/22/2009 - 19:32:34 - [12] ----D- C:\Users\Jérémy\AppData\Roaming\WinRAR O43 - CFD: 10/12/2011 - 09:20:34 - [15133018] ----D- C:\Users\Jérémy\AppData\Local\Adobe O43 - CFD: 10/12/2011 - 17:44:04 - [143078622] ----D- C:\Users\Jérémy\AppData\Local\Google O43 - CFD: 10/26/2011 - 12:33:06 - [10741385020] R---D- C:\Users\Jérémy\AppData\Local\Microsoft O43 - CFD: 6/20/2009 - 19:07:40 - [1405297] ----D- C:\Users\Jérémy\AppData\Local\Microsoft Games O43 - CFD: 11/12/2010 - 19:49:34 - [200328] ----D- C:\Users\Jérémy\AppData\Local\Microsoft Help O43 - CFD: 11/5/2009 - 18:21:42 - [51781794] ----D- C:\Users\Jérémy\AppData\Local\Mozilla O43 - CFD: 11/29/2008 - 14:27:44 - [4233] ----D- C:\Users\Jérémy\AppData\Local\Neuf O43 - CFD: 12/26/2010 - 07:59:00 - [0] ----D- C:\Users\Jérémy\AppData\Local\PackageAware O43 - CFD: 1/27/2009 - 20:58:52 - [285696] ----D- C:\Users\Jérémy\AppData\Local\Seven Zip O43 - CFD: 12/29/2008 - 11:19:14 - [8536055] ----D- C:\Users\Jérémy\AppData\Local\SFR O43 - CFD: 3/15/2011 - 09:44:20 - [13766303] ----D- C:\Users\Jérémy\AppData\Local\Songbird2 O43 - CFD: 11/6/2011 - 12:17:00 - [63249] ----D- C:\Users\Jérémy\AppData\Local\temp O43 - CFD: 11/21/2008 - 15:25:28 - [0] ----D- C:\Users\Jérémy\AppData\Local\Toshiba O43 - CFD: 10/12/2009 - 11:39:16 - [70720920] ----D- C:\Users\Jérémy\AppData\Local\VirtualStore O43 - CFD: 1/23/2011 - 08:42:36 - [0] ----D- C:\Users\Jérémy\AppData\Local\WDSetup O43 - CFD: 1/4/2011 - 07:57:58 - [177274] ----D- C:\Users\Jérémy\AppData\Local\widestream6 Air O43 - CFD: 11/6/2011 - 08:07:56 - [180224] ----D- C:\Users\Jérémy\AppData\Local\Windows Live O43 - CFD: 5/15/2009 - 15:32:22 - [374842] ----D- C:\Users\Jérémy\AppData\Local\Windows Live Writer O43 - CFD: 10/29/2011 - 08:05:44 - [0] ----D- C:\Users\Jérémy\AppData\Local\{249A57F6-A965-45D7-B11B-BFA01264D33A} O43 - CFD: 10/29/2011 - 08:06:26 - [0] ----D- C:\Users\Jérémy\AppData\Local\{460FF1F7-6BDA-4867-AFE4-49C2B1A27209} O43 - CFD: 11/6/2011 - 08:06:30 - [0] ----D- C:\Users\Jérémy\AppData\Local\{51B2141F-A333-4DEB-908C-7705521E1ED0} O43 - CFD: 11/4/2011 - 22:42:20 - [0] ----D- C:\Users\Jérémy\AppData\Local\{6819E529-B0B2-4374-851D-28814B2FDE1C} O43 - CFD: 11/6/2011 - 08:07:08 - [0] ----D- C:\Users\Jérémy\AppData\Local\{757800B1-D54B-4846-9F24-F8549DB7E435} ~ Scan Program Folder in 00mn 03s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.7A1746B3B50074915725A0BAC2B70A7F] - 11/5/2011 - 21:26:59 ---A- . (...) -- C:\Windows\PFRO.log [578] O44 - LFC:[MD5.61E97751636706CEEBAA8F4DC50AF7A8] - 11/6/2011 - 06:13:19 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.7E17F9F5BF4B30FF0EF4EDD415A0FBD8] - 11/6/2011 - 06:18:10 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.TMP [5468] O44 - LFC:[MD5.F781F389DC9A4FDA72E5BCFDE60D8276] - 11/6/2011 - 09:46:25 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1397295] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 11/6/2011 - 11:24:24 R-HA- . (...) -- C:\Windows\WindowsShell.Manifest [749] O44 - LFC:[MD5.D43CFF620718416E9FE2FA7742F0A9F9] - 11/6/2011 - 11:34:18 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.825204F181A08A65262B33A06C421C81] - 10/13/2011 - 04:42:57 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [373632] O44 - LFC:[MD5.2C536D41DCE213E1D449F18B3D41EA55] - 10/12/2011 - 21:38:00 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\system32\FlashPlayerCPLApp.cpl [414368] ~ Scan Files in 00mn 01s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\procexp90.Sys . (...) -- C:\Windows\system32\Drivers\procexp90.Sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\procexp90.Sys . (...) -- C:\Windows\system32\Drivers\procexp90.Sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll O52 - TDSD: \Drivers32\"msacm.voxacm160"="vct3216.acm" . (.Voxware, Inc. - Voxware Audio Compression Manager Driver.) -- C:\Windows\system32\vct3216.acm O52 - TDSD: \Drivers32\"msacm.scg726"="scg726.acm" . (.SHARP Corporation - SHARP G.726 ACM Audio Decoder.) -- C:\Windows\system32\scg726.acm O52 - TDSD: \Drivers32\"msacm.ac3acm"="AC3ACM.acm" . (.fccHandler - AC-3 ACM Decompressor.) -- C:\Windows\system32\AC3ACM.acm O52 - TDSD: \Drivers32\"vidc.dvsd"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\Windows\system32\mcdvd_32.dll O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivXNetworks, Inc. - DivX Video for Windows Codec.) -- C:\Windows\system32\DivX.dll O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\system32\ir50_32.dll O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll O52 - TDSD: \drivers.desc\"vct3216.acm"="Voxware Compression Toolkit" . (.Voxware, Inc. - Voxware Audio Compression Manager Driver.) -- C:\Windows\system32\vct3216.acm O52 - TDSD: \drivers.desc\"AC3ACM.acm"="AC-3 ACM Decompressor" . (.fccHandler - AC-3 ACM Decompressor.) -- C:\Windows\system32\AC3ACM.acm O52 - TDSD: \drivers.desc\"mcdvd_32.dll"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\Windows\system32\mcdvd_32.dll O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® Video 5,10" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\system32\ir50_32.dll O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\system32\xvidvfw.dll ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\ThreatFire [Key] . (...) -- C:\Program Files\ThreatFire\TFTray.exe (.not file.) ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2 O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsHistory"=1 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMMyDocs"=1 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=1 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMHelp"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 1/21/2008 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968] O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 1/21/2008 - 03:32:51 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600] O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 1/21/2008 - 03:32:52 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432] O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 1/21/2008 - 03:32:53 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560] O58 - SDL:[MD5.1E9F5F30EF41D4D433B36113E776518B] - 10/19/2009 - 09:14:00 ---A- . (.AhnLab, Inc. - AhnLab SpyZero Engine Driver.) -- C:\Windows\system32\drivers\ahnsze.sys [1302232] O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 1/21/2008 - 03:32:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464] O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 1/21/2008 - 03:32:49 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416] O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 1/21/2008 - 03:32:50 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928] O58 - SDL:[MD5.E54E27976E2C5A6465D44C10B1D87AC0] - 8/2/2009 - 14:20:32 ---A- . (.Adaptec - ASPI for WIN32 Kernel Driver.) -- C:\Windows\system32\drivers\ASPI32.SYS [84832] O58 - SDL:[MD5.6046A55F79DE9C581B8D5E9C1366CC81] - 11/2/2006 - 08:30:52 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [467456] O58 - SDL:[MD5.1E4114685DE1FFA9675E09C6A1FB3F4B] - 11/14/2010 - 08:42:37 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [66616] O58 - SDL:[MD5.0F78D3DAE6DEDD99AE54C9491C62ADF2] - 11/14/2010 - 08:42:37 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [138192] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 11/2/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 11/2/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 11/2/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 11/2/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 11/2/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 11/2/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 2/15/2008 - 03:42:42 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [2560] O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 1/21/2008 - 03:32:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 11/2/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 1/21/2008 - 03:32:50 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784] O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 1/21/2008 - 03:32:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584] O58 - SDL:[MD5.CBC22823628544735625B280665E434E] - 2/15/2008 - 14:11:14 ---A- . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 32-bit Driver.) -- C:\Windows\system32\drivers\FwLnk.sys [7168] O58 - SDL:[MD5.4AC51459805264AFFD5F6FDFB9D9235F] - 8/7/2009 - 12:06:50 ---A- . (.GEAR Software Inc. - CD/DVD Class Filter Driver.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [15664] O58 - SDL:[MD5.24049179C60BBF64A9261DA943993440] - 10/5/2009 - 05:30:50 ---A- . (.Hexago, Inc. - Hexago Virtual Tunnel Driver.) -- C:\Windows\system32\drivers\hextun.sys [22176] O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 1/21/2008 - 03:32:52 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504] O58 - SDL:[MD5.C2EB8396C46E13F76037D70EAE8820A9] - 10/15/2008 - 08:30:04 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\HSXHWAZL.sys [207360] O58 - SDL:[MD5.D0116C473EF3C381A42BB55036A1ADB1] - 10/15/2008 - 08:29:16 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\HSX_CNXT.sys [661504] O58 - SDL:[MD5.EFED6BD9B9D5F407ADCA918BBE2D410D] - 10/15/2008 - 08:32:08 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\HSX_DPV.sys [980992] O58 - SDL:[MD5.E5A0034847537EAEE3C00349D5C34C5F] - 11/21/2008 - 23:03:12 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [308248] O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 1/21/2008 - 03:32:49 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064] O58 - SDL:[MD5.038815297078D236D8CC064C295A74C6] - 2/15/2008 - 14:23:50 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [1925632] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 11/2/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.98D303CCB3415E9202E82043B37D66DC] - 2/15/2008 - 15:21:32 ---A- . (.Intel® Corporation - Intel® High Definition Audio HDMI.) -- C:\Windows\system32\drivers\IntcHdmi.sys [111616] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 11/2/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 11/2/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 1/21/2008 - 03:32:49 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312] O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 1/21/2008 - 03:32:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656] O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 1/21/2008 - 03:32:48 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312] O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 6/16/2011 - 17:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22216] O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 2/15/2008 - 21:26:58 ---A- . (.Conexant - Diagnostic Interface x86 Driver.) -- C:\Windows\system32\drivers\mdmxsdk.sys [12672] O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 1/21/2008 - 03:32:53 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288] O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 1/21/2008 - 03:32:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 11/2/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 11/2/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 11/2/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 1/21/2008 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968] O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 1/21/2008 - 03:32:47 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112] O58 - SDL:[MD5.F767F3B35C3ECF8A60B2A65BEEC50EF5] - 5/11/2011 - 09:53:58 ---A- . (.PC Tools - PC Tools App Monitor Driver.) -- C:\Windows\system32\drivers\PCTAppEvent.sys [160448] O58 - SDL:[MD5.807FF1DD6E1BDF8E7D2062FCA0DAECAF] - 5/11/2011 - 10:06:14 ---A- . (.PC Tools - PC Tools KDS Core Driver.) -- C:\Windows\system32\drivers\PCTCore.sys [218592] O58 - SDL:[MD5.B76C829F00B9B534405B4ED5F58B8F52] - 5/11/2011 - 09:19:50 ---A- . (.PC Tools - PC Tools Generic TDI Driver.) -- C:\Windows\system32\drivers\pctgntdi.sys [249616] O58 - SDL:[MD5.2D9BF28D68BE7B9823C9C567505F613B] - 5/11/2011 - 08:26:50 ---A- . (.PC Tools - PC Tools NDIS - DNS.) -- C:\Windows\system32\drivers\pctNdis-DNS.sys [32808] O58 - SDL:[MD5.58DB891CA76A2D49E33BA9FA13B86C89] - 5/11/2011 - 08:18:16 ---A- . (.PC Tools - PC Tools NDIS - Packet Filter.) -- C:\Windows\system32\drivers\pctNdis-PacketFilter.sys [89192] O58 - SDL:[MD5.3EC79CFB2E0E74AADA8B561ED8904577] - 5/11/2011 - 08:49:10 ---A- . (.PC Tools - PC Tools NDIS Driver.) -- C:\Windows\system32\drivers\pctNdis.sys [57536] O58 - SDL:[MD5.78D871114E7CB3115E058D1F85751C7F] - 5/11/2011 - 09:42:10 ---A- . (.PC Tools - PC Tools FW Plugin Driver.) -- C:\Windows\system32\drivers\pctplfw.sys [124992] O58 - SDL:[MD5.1FAF62EAC7AE6FCF82F30DB1F2F920B6] - 5/11/2011 - 09:19:50 ---A- . (.PC Tools - PC Tools WFP kernel DLL.) -- C:\Windows\system32\drivers\pctwfpfilter.sys [102184] O58 - SDL:[MD5.04D1C97A0818F9378EEAA793A09F8202] - 4/8/2011 - 17:29:54 ---A- . (.Prevx - Prevx Realtime Security.) -- C:\Windows\system32\drivers\pxrts.sys [76696] O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 1/21/2008 - 03:32:50 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 11/2/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.B9CBD3DEA7CA02868621173BF7A2AF9F] - 11/16/2010 - 14:23:44 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2095512] O58 - SDL:[MD5.B71D269B9AB5417963E986126C12B9FC] - 11/21/2008 - 10:20:32 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\system32\drivers\rtl8187B.sys [290304] O58 - SDL:[MD5.8CCA591019216E9523E3CB385CE643E6] - 2/15/2008 - 19:21:54 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [104448] O58 - SDL:[MD5.0D60B8C10A2C5E8DD620B3FDEB1CDA64] - 11/21/2008 - 10:50:50 ---A- . (.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) -- C:\Windows\system32\drivers\RtlProt.sys [25896] O58 - SDL:[MD5.01C64783DB1F40E1E3DF67DD36199B35] - 2/22/2008 - 22:01:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [60416] O58 - SDL:[MD5.127E21305C1880B550BEA4B0ADFD9D94] - 9/29/2009 - 10:50:37 ---A- . (.Sophos Plc - SAV On-Access and HIPS for Windows Vista (x86).) -- C:\Windows\system32\drivers\savonaccess.sys [85312] O58 - SDL:[MD5.20B2751CD4C8F3FD989739CA661B9F30] - 11/7/2010 - 09:44:34 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\system32\drivers\scdemu.sys [59388] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 11/2/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 1/21/2008 - 03:32:52 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 11/14/2010 - 15:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 11/2/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 11/2/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 11/2/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.70534D1E4F9AC990536D5FB5B550B3DE] - 8/14/2008 - 10:40:40 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [203312] O58 - SDL:[MD5.5D8C820E2D885C25FFC6BBC5D4FE073C] - 8/3/2009 - 08:52:12 ---A- . (.RapidSolution Software AG - Tunebite High-Speed Dubbing.) -- C:\Windows\system32\drivers\tbhsd.sys [26784] O58 - SDL:[MD5.1825BCEB47BF41C5A9F0E44DE82FC27A] - 2/15/2008 - 11:50:04 ---A- . (.TOSHIBA Corporation. - Toshiba ODD Writing Driver For x86..) -- C:\Windows\system32\drivers\tdcmdpst.sys [16128] O58 - SDL:[MD5.D953F161177DAB3C8440844A9AB6E5A2] - 3/27/2009 - 19:09:30 ---A- . (.Acronis - Acronis Try&Decide Volume Filter Driver.) -- C:\Windows\system32\drivers\tdrpm174.sys [971552] O58 - SDL:[MD5.6DCB8DDB481CD3C40FA68593723B4D89] - 3/27/2009 - 19:09:26 ---A- . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\system32\drivers\tifsfilt.sys [44704] O58 - SDL:[MD5.394FC70B88B7958FA85798BBC76D140A] - 3/27/2009 - 19:09:26 ---A- . (.Acronis - Acronis True Image Backup Archive Explorer.) -- C:\Windows\system32\drivers\timntr.sys [540000] O58 - SDL:[MD5.1EA5F27C29405BF49799FECA77186DA9] - 2/15/2008 - 15:42:24 ---A- . (.TOSHIBA Corporation - tos_sps2.) -- C:\Windows\system32\drivers\tos_sps32.sys [285184] O58 - SDL:[MD5.792A8B80F8188ABA4B2BE271583F3E46] - 11/21/2008 - 14:00:52 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\system32\drivers\TVALZ_O.SYS [23640] O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 1/21/2008 - 03:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 11/2/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 1/21/2008 - 03:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.237C444FBD1C697A2E3FA60F02C61F22] - 11/17/2010 - 19:59:06 ---A- . (.Chicony Electronics Co., Ltd. - UVCFTR_S.sys.) -- C:\Windows\system32\drivers\UVCFTR_S.SYS [17960] O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 1/21/2008 - 03:32:21 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024] O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 1/21/2008 - 03:32:49 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616] O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 1/21/2008 - 03:32:48 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS [200704] O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 1/21/2008 - 03:32:48 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS [654336] O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 1/21/2008 - 03:32:48 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS [987648] O58 - SDL:[MD5.A75DC063C9F0B787CCE296C8CCAD9C30] - 8/3/2009 - 15:51:18 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys [16640] O58 - SDL:[MD5.DAB33CFA9DD24251AAA389FF36B64D4B] - 2/15/2008 - 22:36:54 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio.sys [8704] O58 - SDL:[MD5.22A08B9FAECD6A306868F59B7F03F188] - 11/4/2008 - 03:32:20 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio32.sys [8704] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 11/2/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 11/2/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.DC8FCBD7E98FE7BE4E7CA9780835FAB7] - 3/4/2011 - 16:35:00 ---A- . (.EldoS Corporation - RawDisk Driver. Allows write-access to raw disk sectors for use.) -- C:\Windows\system32\elrawdsk.sys [12800] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 11/2/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 11/2/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 11/2/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 11/2/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 11/2/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 11/2/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 11/2/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 11/2/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 11/2/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 11/2/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 11/2/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 11/2/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 11/2/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ~ Scan Drivers in 00mn 01s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 6/6/2011 - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - Adobe Acrobat Update Service(AdobeARMservice) .(.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - LEGACY_ADOBEARMSERVICE O64 - Services: CurCS - 9/1/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 9/1/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 7/6/2010 - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe - CanalPlus.VOD(CanalPlus.VOD) .(.Canal+ Active - CanalPlus.VOD.Service.) - LEGACY_CANALPLUS.VOD O64 - Services: CurCS - 2/25/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE O64 - Services: CurCS - 2/25/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdatem)(gupdatem) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATEM O64 - Services: CurCS - 8/31/2011 - C:\Windows\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 8/31/2011 - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - MBAMService(MBAMService) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSERVICE O64 - Services: CurCS - 12/30/1899 - C:\Users\JRMY~1\AppData\Local\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR O64 - Services: CurCS - 11/25/2010 - C:\Windows\system32\drivers\PCTAppEvent.sys - PCTAppEvent Driver(PCTAppEvent) .(.PC Tools - PC Tools App Monitor Driver.) - LEGACY_PCTAPPEVENT O64 - Services: CurCS - 11/24/2010 - C:\Windows\system32\drivers\pctNdis-PacketFilter.sys - PCTools Firewall - Packet filter driver(PCTFW-PacketFilter) .(.PC Tools - PC Tools NDIS - Packet Filter.) - LEGACY_PCTFW-PACKETFILTER O64 - Services: CurCS - 11/17/2010 - C:\Windows\system32\drivers\pctgntdi.sys - pctgntdi(pctgntdi) .(.PC Tools - PC Tools Generic TDI Driver.) - LEGACY_PCTGNTDI O64 - Services: CurCS - 11/25/2010 - C:\Windows\system32\drivers\pctplfw.sys - pctplfw(pctplfw) .(.PC Tools - PC Tools FW Plugin Driver.) - LEGACY_PCTPLFW O64 - Services: CurCS - 4/23/2007 - C:\Windows\system32\DRIVERS\rtlprot.sys - Realtke RtlProt WLAN Utility Protocol Driver(RtlProt) .(.Windows ® Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - LEGACY_RTLPROT O64 - Services: CurCS - 7/22/2011 - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV(SASDIFSV) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - LEGACY_SASDIFSV O64 - Services: CurCS - 7/12/2011 - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL(SASKUTIL) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - LEGACY_SASKUTIL O64 - Services: CurCS - 12/30/1899 - C:\Windows\system32\Drivers\sptd.sys (.not file.) - sptd (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 6/17/2010 - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - 6/17/2011 - C:\Windows\System32\TUProgSt.exe (TuneUp.ProgramStatisticsSvc) .(...) - LEGACY_TUNEUP.PROGRAMSTATISTICSSVC O64 - Services: CurCS - 8/23/2006 - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe - Ulead Burning Helper(UleadBurningHelper) .(.Ulead Systems, Inc. - ULCDRSvr.) - LEGACY_ULEADBURNINGHELPER O64 - Services: CurCS - 3/28/2011 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe - Windows Live ID Sign-in Assistant(wlidsvc) .(.Microsoft Corp. - Microsoft® Windows Live ID Service.) - LEGACY_WLIDSVC O64 - Services: CurCS - 11/4/2008 - C:\Windows\system32\DRIVERS\XAudio32.sys - XAudio(XAudio) .(.Conexant Systems, Inc. - Modem Audio Device Driver.) - LEGACY_XAUDIO O64 - Services: CurCS - 10/17/2007 - C:\Windows\system32\DRIVERS\xaudio.exe - XAudioService(XAudioService) .(.Conexant Systems, Inc. - Modem Audio Service.) - LEGACY_XAUDIOSERVICE ~ Scan Services in 00mn 07s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <exefile>[HKU\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {40439b93-f815-4122-8073-d03bed94c303} [DefaultScope] - (Winamp Web Search) - http://slirsredirect.search.aol.com O69 - SBI: SearchScopes [HKCU] {90A5840A-BCF9-4C01-A55E-F0BB6ABDEA10} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} - (Google) - Google ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.E3759D2F4166E8EDB981890053235823] [sPRF][11/6/2011] (...) -- C:\Users\Jérémy\Desktop\explor.bat [96] [MD5.B8CB9448B6E80867375A4B570221F3B2] [sPRF][11/6/2011] (...) -- C:\Users\Jérémy\Desktop\regis.reg [158] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][12/7/2004] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32] [MD5.298068536300DA6DC163E394797A7C50] [sPRF][5/25/2006] (...) -- C:\Windows\Downloaded Program Files\bdupd.dll [118784] [MD5.880CC977F4643B01B1A05B5C5F8FEF40] [sPRF][10/19/2007] (.Microsoft Corporation - Windows Live Photo Download Control.) -- C:\Windows\Downloaded Program Files\DigWXMSN.dll [267312] [MD5.632E0CE38FBCADEAAE28077F4C9C45D5] [sPRF][10/21/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r102.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2827728] [MD5.1CAB87DE6638846FBF51F32B5D95E482] [sPRF][5/25/2006] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [53248] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][12/7/2004] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32] ~ Scan Files in 00mn 00s ---\\ Recherche d'infection Rogue (O86) C:\ProgramData\0320 C:\ProgramData\1053 C:\ProgramData\27E9 C:\ProgramData\3418C C:\ProgramData\6186 C:\ProgramData\E2CB ~ Scan Files in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : 8818 - (06/11/2011) Clés trouvées (Keys found) : 15 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 5 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\AppID\WMHelper.DLL] =>PUP.BearShare [HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}] =>PUP.BearShare [HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent [HKLM\Software\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{31CF6C0E-51F0-41D2-B088-A6A143C4303C}] =>Toolbar.SweetIM [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}] =>Toolbar.Agent [HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{76985346-BDA2-4B2E-A727-956D7B8B012E}] =>Adware.IMBooster [HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}] =>PUP.iMesh [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit [HKLM\Software\Elf_1.15] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit [HKLM\Software\uTorrentBar_FR] =>Toolbar.Conduit [HKCU\Software\WideStream] =>Adware.SPointer C:\Program Files\uTorrentBar_FR =>Toolbar.Conduit C:\Program Files\Windows Searchqu Toolbar =>Adware.Bandoo C:\Program Files\Mozilla Firefox\Extensions\[email protected] =>PUP.Dealio C:\Users\Jérémy\AppData\Local\widestream6 Air =>Adware.SPointer ~ Scan Additionnel in 00mn 10s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 8/12/2011 116608 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe SS - | Disabled 6/18/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 11/14/2010 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 11/14/2010 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SS - | Disabled 8/7/2009 144712 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe SS - | Disabled 7/6/2010 188416 | CanalPlus.VOD (CanalPlus.VOD) . (.Canal+ Active.) - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe SS - | Demand 2/15/2008 40960 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe SR - | Auto 4/15/2011 212352 | (FileOpenManagerSvc) . (.FileOpen Systems Inc..) - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc32.exe SS - | Disabled 2/25/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Disabled 2/25/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 10/26/2009 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe SR - | Auto 11/2/2011 366152 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SR - | Auto 5/11/2011 287024 | (PCToolsFirewallPlus) . (.PC Tools.) - C:\Program Files\PC Tools Firewall Plus\FWService.exe SS - | Disabled 10/22/2009 436096 | (Service CANALPLAY) . (.Canal+ Distribution.) - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe SR - | Auto 2/15/2008 83312 | (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe SR - | Auto 2/15/2008 129632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe SR - | Auto 11/21/2008 431456 | (TosCoSrv) . (.TOSHIBA Corporation.) - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe SR - | Auto 11/21/2008 126976 | (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation.) - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe SS - | Disabled 2/15/2008 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe SR - | Auto 2/15/2008 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\system32\DRIVERS\xaudio.exe ~ Scan Services in 00mn 11s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by Jérémy at 11/6/2011 12:18:34 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver 1 ntkrnlpa!IofCallDriver[0x82462912] -> \Device\Harddisk0\DR0[0x85E67030] 3 CLASSPNP[0x885108B3] -> ntkrnlpa!IofCallDriver[0x82462912] -> \Device\Ide\IAAStorageDevice-0[0x84A58028] kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 14s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Jérémy at 11/6/2011 12:18:36 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 16s End of the scan (1558 lines in 00mn 48s)(0)

Bonjour, mon PC est devenu lent,la page d'accueil IE avait été changé sans que je le demande,je n'arrive pas à afficher. Si je veux afficher options des dossier un message me dit " cette opération a été annulée en raison de restrictions en viguer sur cet ordinateur " Si vous pouviez me donner des indications , je vous remercie par avance de votre attention Ci-dessous rapport HiackthisLogfile of Trend Micro HijackThis v2.0.4 Scan saved at 09:59:27, on 11/5/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Mail\WinMail.exe C:\ProgramData\FileOpen\Services\FileOpenBroker32.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\rundll32.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Jérémy.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O1 - Hosts: ::1 localhost O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de la passerelle de la couche Application (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Informations d'application (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service de stratégie de diagnostic (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Protocole EAP (Extensible Authentication Protocol) (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\ProgramData\FileOpen\Services\FileOpenManagerSvc32.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: HsfXAudioService - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Modules de génération de clés IKE et AuthIP (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Énumérateur de bus IP PnP-X (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Assistance IP (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: Service KtmRm pour Distributed Transaction Coordinator (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Assistance NetBIOS sur TCP/IP (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: Connexions réseau (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: getPlus® Helper 3004 (nosGetPlusHelper) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Groupement de mise en réseau de pairs (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’Assistant Compatibilité des programmes (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Agent de stratégie IPsec (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Emplacement protégé (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: Connectivité de l'appareil Windows Mobile (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Gestionnaire de connexion automatique d'accès distant (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Gestionnaire de connexions d'accès distant (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Configuration des services Terminal Server (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: Découverte SSDP (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Acquisition d'image Windows (WIA) (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Téléphonie (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Services de base de module de plateforme sécurisée (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service hôte WDIServiceHost (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Hôte système de diagnostics (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de découverte automatique de Proxy Web pour les services HTTP Windows (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de configuration automatique WLAN (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: Centre de sécurité (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Windows Driver Foundation - Infrastructure de pilote mode-utilisateur (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14968 bytes

Bonjour, Ai crée nouveau compte administrateur, cela ne change rien toujours pas acces

Re, Ci-dessous les rapports demandés: 2010/11/20 17:34:12.0523 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12 2010/11/20 17:34:12.0523 ================================================================================ 2010/11/20 17:34:12.0523 SystemInfo: 2010/11/20 17:34:12.0523 2010/11/20 17:34:12.0523 OS Version: 6.0.6002 ServicePack: 2.0 2010/11/20 17:34:12.0523 Product type: Workstation 2010/11/20 17:34:12.0523 ComputerName: PC-DE-JÉRÉMY 2010/11/20 17:34:12.0523 UserName: Jérémy 2010/11/20 17:34:12.0523 Windows directory: C:\Windows 2010/11/20 17:34:12.0523 System windows directory: C:\Windows 2010/11/20 17:34:12.0523 Processor architecture: Intel x86 2010/11/20 17:34:12.0523 Number of processors: 1 2010/11/20 17:34:12.0523 Page size: 0x1000 2010/11/20 17:34:12.0523 Boot type: Normal boot 2010/11/20 17:34:12.0523 ================================================================================ 2010/11/20 17:34:13.0183 Initialize success 2010/11/20 17:34:28.0093 ================================================================================ 2010/11/20 17:34:28.0093 Scan started 2010/11/20 17:34:28.0093 Mode: Manual; 2010/11/20 17:34:28.0093 ================================================================================ 2010/11/20 17:34:29.0293 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2010/11/20 17:34:29.0373 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2010/11/20 17:34:29.0523 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2010/11/20 17:34:29.0573 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2010/11/20 17:34:29.0683 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2010/11/20 17:34:29.0773 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys 2010/11/20 17:34:29.0903 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2010/11/20 17:34:29.0943 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2010/11/20 17:34:29.0993 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2010/11/20 17:34:30.0123 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2010/11/20 17:34:30.0143 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2010/11/20 17:34:30.0183 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2010/11/20 17:34:30.0253 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2010/11/20 17:34:30.0423 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2010/11/20 17:34:30.0483 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2010/11/20 17:34:30.0533 ASPI (e54e27976e2c5a6465d44c10b1d87ac0) C:\Windows\System32\DRIVERS\ASPI32.sys 2010/11/20 17:34:30.0643 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2010/11/20 17:34:30.0713 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2010/11/20 17:34:30.0823 athr (6046a55f79de9c581b8d5e9c1366cc81) C:\Windows\system32\DRIVERS\athr.sys 2010/11/20 17:34:30.0913 avgntflt (1eb7d72a82f94f7e9496d363fce00b68) C:\Windows\system32\DRIVERS\avgntflt.sys 2010/11/20 17:34:31.0003 avipbb (f8c56231ed5ecf7d1b46b0330880ccef) C:\Windows\system32\DRIVERS\avipbb.sys 2010/11/20 17:34:31.0093 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2010/11/20 17:34:31.0213 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2010/11/20 17:34:31.0283 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys 2010/11/20 17:34:31.0363 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2010/11/20 17:34:31.0453 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2010/11/20 17:34:31.0493 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2010/11/20 17:34:31.0603 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2010/11/20 17:34:31.0673 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2010/11/20 17:34:31.0703 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2010/11/20 17:34:31.0793 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2010/11/20 17:34:31.0883 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2010/11/20 17:34:31.0943 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2010/11/20 17:34:32.0053 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 2010/11/20 17:34:32.0133 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2010/11/20 17:34:32.0273 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2010/11/20 17:34:32.0323 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2010/11/20 17:34:32.0353 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2010/11/20 17:34:32.0493 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2010/11/20 17:34:32.0543 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2010/11/20 17:34:32.0643 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys 2010/11/20 17:34:32.0743 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2010/11/20 17:34:32.0833 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys 2010/11/20 17:34:32.0873 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys 2010/11/20 17:34:32.0973 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys 2010/11/20 17:34:33.0053 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2010/11/20 17:34:33.0133 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys 2010/11/20 17:34:33.0243 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2010/11/20 17:34:33.0313 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2010/11/20 17:34:33.0433 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2010/11/20 17:34:33.0503 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2010/11/20 17:34:33.0673 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2010/11/20 17:34:33.0733 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2010/11/20 17:34:33.0853 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2010/11/20 17:34:33.0923 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2010/11/20 17:34:33.0953 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2010/11/20 17:34:34.0053 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2010/11/20 17:34:34.0113 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2010/11/20 17:34:34.0203 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys 2010/11/20 17:34:34.0303 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2010/11/20 17:34:34.0373 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys 2010/11/20 17:34:34.0473 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2010/11/20 17:34:34.0533 GEARAspiWDM (ab8a6a87d9d7255c3884d5b9541a6e80) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2010/11/20 17:34:34.0673 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 2010/11/20 17:34:34.0753 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2010/11/20 17:34:34.0853 HexTunnelDevice (24049179c60bbf64a9261da943993440) C:\Windows\system32\DRIVERS\hextun.sys 2010/11/20 17:34:34.0933 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2010/11/20 17:34:35.0023 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2010/11/20 17:34:35.0133 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2010/11/20 17:34:35.0233 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2010/11/20 17:34:35.0363 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 2010/11/20 17:34:35.0493 HSF_DPV (efed6bd9b9d5f407adca918bbe2d410d) C:\Windows\system32\DRIVERS\HSX_DPV.sys 2010/11/20 17:34:35.0673 HSXHWAZL (c2eb8396c46e13f76037d70eae8820a9) C:\Windows\system32\DRIVERS\HSXHWAZL.sys 2010/11/20 17:34:35.0753 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys 2010/11/20 17:34:35.0903 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2010/11/20 17:34:35.0963 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2010/11/20 17:34:36.0133 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys 2010/11/20 17:34:36.0203 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2010/11/20 17:34:36.0383 igfx (038815297078d236d8cc064c295a74c6) C:\Windows\system32\DRIVERS\igdkmd32.sys 2010/11/20 17:34:36.0563 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2010/11/20 17:34:36.0723 IntcAzAudAddService (b9cbd3dea7ca02868621173bf7a2af9f) C:\Windows\system32\drivers\RTKVHDA.sys 2010/11/20 17:34:36.0903 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys 2010/11/20 17:34:36.0953 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2010/11/20 17:34:37.0013 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2010/11/20 17:34:37.0163 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2010/11/20 17:34:37.0273 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2010/11/20 17:34:37.0403 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2010/11/20 17:34:37.0473 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2010/11/20 17:34:37.0593 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2010/11/20 17:34:37.0663 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2010/11/20 17:34:37.0793 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2010/11/20 17:34:37.0863 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2010/11/20 17:34:37.0983 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2010/11/20 17:34:38.0063 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys 2010/11/20 17:34:38.0163 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2010/11/20 17:34:38.0343 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2010/11/20 17:34:38.0553 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2010/11/20 17:34:38.0613 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2010/11/20 17:34:38.0763 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2010/11/20 17:34:38.0813 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2010/11/20 17:34:39.0013 MBAMProtector (67b48a903430c6d4fb58cbaca1866601) C:\Windows\system32\drivers\mbam.sys 2010/11/20 17:34:39.0103 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys 2010/11/20 17:34:39.0243 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2010/11/20 17:34:39.0323 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2010/11/20 17:34:39.0473 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2010/11/20 17:34:39.0533 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2010/11/20 17:34:39.0663 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2010/11/20 17:34:39.0723 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2010/11/20 17:34:39.0773 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2010/11/20 17:34:39.0913 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2010/11/20 17:34:39.0993 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2010/11/20 17:34:40.0143 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2010/11/20 17:34:40.0213 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2010/11/20 17:34:40.0343 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys 2010/11/20 17:34:40.0413 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2010/11/20 17:34:40.0563 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2010/11/20 17:34:40.0623 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 2010/11/20 17:34:40.0683 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2010/11/20 17:34:40.0833 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2010/11/20 17:34:40.0913 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2010/11/20 17:34:41.0023 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2010/11/20 17:34:41.0103 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2010/11/20 17:34:41.0173 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2010/11/20 17:34:41.0293 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2010/11/20 17:34:41.0373 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2010/11/20 17:34:41.0443 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2010/11/20 17:34:41.0553 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2010/11/20 17:34:41.0633 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2010/11/20 17:34:41.0733 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2010/11/20 17:34:41.0863 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2010/11/20 17:34:41.0943 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2010/11/20 17:34:42.0063 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2010/11/20 17:34:42.0153 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2010/11/20 17:34:42.0273 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2010/11/20 17:34:42.0373 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2010/11/20 17:34:42.0543 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2010/11/20 17:34:42.0653 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2010/11/20 17:34:42.0783 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2010/11/20 17:34:42.0913 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2010/11/20 17:34:43.0043 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2010/11/20 17:34:43.0113 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2010/11/20 17:34:43.0233 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2010/11/20 17:34:43.0313 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2010/11/20 17:34:43.0443 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2010/11/20 17:34:43.0633 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 2010/11/20 17:34:43.0803 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2010/11/20 17:34:43.0903 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2010/11/20 17:34:44.0023 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2010/11/20 17:34:44.0183 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2010/11/20 17:34:44.0263 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 2010/11/20 17:34:44.0323 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2010/11/20 17:34:44.0443 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2010/11/20 17:34:44.0813 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2010/11/20 17:34:44.0873 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2010/11/20 17:34:44.0973 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2010/11/20 17:34:45.0163 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2010/11/20 17:34:45.0323 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2010/11/20 17:34:45.0403 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2010/11/20 17:34:45.0583 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2010/11/20 17:34:45.0663 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2010/11/20 17:34:45.0793 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2010/11/20 17:34:45.0883 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2010/11/20 17:34:46.0003 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2010/11/20 17:34:46.0073 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2010/11/20 17:34:46.0163 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2010/11/20 17:34:46.0273 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2010/11/20 17:34:46.0373 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2010/11/20 17:34:46.0533 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2010/11/20 17:34:46.0663 RTL8169 (8cca591019216e9523e3cb385ce643e6) C:\Windows\system32\DRIVERS\Rtlh86.sys 2010/11/20 17:34:46.0763 RTL8187B (b71d269b9ab5417963e986126c12b9fc) C:\Windows\system32\DRIVERS\RTL8187B.sys 2010/11/20 17:34:46.0893 RtlProt (0d60b8c10a2c5e8dd620b3fdeb1cda64) C:\Windows\system32\DRIVERS\rtlprot.sys 2010/11/20 17:34:46.0963 RTSTOR (01c64783db1f40e1e3df67dd36199b35) C:\Windows\system32\drivers\RTSTOR.SYS 2010/11/20 17:34:47.0043 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2010/11/20 17:34:47.0213 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\Windows\system32\drivers\SCDEmu.sys 2010/11/20 17:34:47.0343 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2010/11/20 17:34:47.0463 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2010/11/20 17:34:47.0533 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2010/11/20 17:34:47.0623 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2010/11/20 17:34:47.0793 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 2010/11/20 17:34:47.0853 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2010/11/20 17:34:47.0943 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 2010/11/20 17:34:48.0033 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2010/11/20 17:34:48.0143 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2010/11/20 17:34:48.0263 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2010/11/20 17:34:48.0313 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2010/11/20 17:34:48.0503 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2010/11/20 17:34:48.0693 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2010/11/20 17:34:48.0843 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys 2010/11/20 17:34:48.0983 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys 2010/11/20 17:34:49.0053 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys 2010/11/20 17:34:49.0213 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2010/11/20 17:34:49.0303 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys 2010/11/20 17:34:49.0453 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2010/11/20 17:34:49.0523 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2010/11/20 17:34:49.0583 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2010/11/20 17:34:49.0703 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2010/11/20 17:34:49.0793 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys 2010/11/20 17:34:49.0973 tbhsd (5d8c820e2d885c25ffc6bbc5d4fe073c) C:\Windows\system32\drivers\tbhsd.sys 2010/11/20 17:34:50.0093 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2010/11/20 17:34:50.0273 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2010/11/20 17:34:50.0433 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2010/11/20 17:34:50.0513 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys 2010/11/20 17:34:50.0673 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2010/11/20 17:34:50.0733 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2010/11/20 17:34:50.0893 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2010/11/20 17:34:50.0973 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2010/11/20 17:34:51.0213 tos_sps32 (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys 2010/11/20 17:34:51.0323 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2010/11/20 17:34:51.0453 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2010/11/20 17:34:51.0513 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2010/11/20 17:34:51.0583 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS 2010/11/20 17:34:51.0723 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2010/11/20 17:34:51.0803 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2010/11/20 17:34:51.0983 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2010/11/20 17:34:52.0053 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2010/11/20 17:34:52.0133 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2010/11/20 17:34:52.0273 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2010/11/20 17:34:52.0333 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2010/11/20 17:34:52.0483 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2010/11/20 17:34:52.0613 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2010/11/20 17:34:52.0703 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2010/11/20 17:34:52.0833 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2010/11/20 17:34:52.0933 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2010/11/20 17:34:53.0043 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2010/11/20 17:34:53.0083 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2010/11/20 17:34:53.0143 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2010/11/20 17:34:53.0263 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2010/11/20 17:34:53.0303 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2010/11/20 17:34:53.0363 UVCFTR (237c444fbd1c697a2e3fa60f02c61f22) C:\Windows\system32\Drivers\UVCFTR_S.SYS 2010/11/20 17:34:53.0503 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2010/11/20 17:34:53.0543 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2010/11/20 17:34:53.0583 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2010/11/20 17:34:53.0703 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2010/11/20 17:34:53.0743 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2010/11/20 17:34:53.0783 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2010/11/20 17:34:53.0903 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2010/11/20 17:34:53.0973 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2010/11/20 17:34:54.0103 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2010/11/20 17:34:54.0193 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2010/11/20 17:34:54.0323 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/11/20 17:34:54.0343 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/11/20 17:34:54.0423 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2010/11/20 17:34:54.0483 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2010/11/20 17:34:54.0703 winachsf (d0116c473ef3c381a42bb55036a1adb1) C:\Windows\system32\DRIVERS\HSX_CNXT.sys 2010/11/20 17:34:54.0963 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys 2010/11/20 17:34:55.0063 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 2010/11/20 17:34:55.0303 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2010/11/20 17:34:55.0393 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2010/11/20 17:34:55.0533 WsAudio_DeviceS(1) (a75dc063c9f0b787cce296c8ccad9c30) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys 2010/11/20 17:34:55.0723 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2010/11/20 17:34:55.0923 XAudio (22a08b9faecd6a306868f59b7f03f188) C:\Windows\system32\DRIVERS\XAudio32.sys 2010/11/20 17:34:56.0073 ================================================================================ 2010/11/20 17:34:56.0073 Scan finished 2010/11/20 17:34:56.0073 ================================================================================ MBRCheck, version 1.2.3 © 2010, AD Command-line: Windows Version: Windows Vista Home Basic Edition Windows Information: Service Pack 2 (build 6002), 32-bit Base Board Manufacturer: Intel Corp. BIOS Manufacturer: INSYDE System Manufacturer: TOSHIBA System Product Name: Satellite L350 Logical Drives Mask: 0x00000034 Kernel Drivers (total 147): 0x82006000 \SystemRoot\system32\ntkrnlpa.exe 0x823BF000 \SystemRoot\system32\hal.dll 0x80404000 \SystemRoot\system32\kdcom.dll 0x8040B000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x8047B000 \SystemRoot\system32\PSHED.dll 0x8048C000 \SystemRoot\system32\BOOTVID.dll 0x80494000 \SystemRoot\system32\CLFS.SYS 0x804D5000 \SystemRoot\system32\CI.dll 0x8060F000 \SystemRoot\system32\drivers\Wdf01000.sys 0x8068B000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x80698000 \SystemRoot\system32\drivers\acpi.sys 0x806DE000 \SystemRoot\system32\drivers\WMILIB.SYS 0x806E7000 \SystemRoot\system32\drivers\msisadrv.sys 0x806EF000 \SystemRoot\system32\drivers\pci.sys 0x80716000 \SystemRoot\System32\drivers\partmgr.sys 0x80725000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x80728000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x80732000 \SystemRoot\system32\drivers\volmgr.sys 0x80741000 \SystemRoot\System32\drivers\volmgrx.sys 0x8078B000 \SystemRoot\system32\drivers\intelide.sys 0x80792000 \SystemRoot\system32\drivers\PCIIDEX.SYS 0x807A0000 \SystemRoot\System32\drivers\mountmgr.sys 0x82605000 \SystemRoot\system32\DRIVERS\iaStor.sys 0x826CD000 \SystemRoot\system32\drivers\atapi.sys 0x826D5000 \SystemRoot\system32\drivers\ataport.SYS 0x826F3000 \SystemRoot\system32\drivers\msahci.sys 0x826FD000 \SystemRoot\system32\drivers\fltmgr.sys 0x8272F000 \SystemRoot\system32\drivers\fileinfo.sys 0x8273F000 \SystemRoot\System32\Drivers\ksecdd.sys 0x87E06000 \SystemRoot\system32\drivers\ndis.sys 0x87F11000 \SystemRoot\system32\drivers\msrpc.sys 0x87F3C000 \SystemRoot\system32\drivers\NETIO.SYS 0x88003000 \SystemRoot\System32\drivers\tcpip.sys 0x880ED000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x88206000 \SystemRoot\System32\Drivers\Ntfs.sys 0x88316000 \SystemRoot\system32\drivers\volsnap.sys 0x8834F000 \SystemRoot\system32\DRIVERS\TVALZ_O.SYS 0x88354000 \SystemRoot\system32\DRIVERS\tos_sps32.sys 0x8839F000 \SystemRoot\System32\Drivers\spldr.sys 0x883A7000 \SystemRoot\System32\Drivers\mup.sys 0x883B6000 \SystemRoot\System32\drivers\ecache.sys 0x883DD000 \SystemRoot\system32\drivers\disk.sys 0x88108000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x883EE000 \SystemRoot\system32\drivers\crcdisk.sys 0x87F77000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x883F7000 \SystemRoot\system32\DRIVERS\tunmp.sys 0x87F82000 \SystemRoot\system32\DRIVERS\FwLnk.sys 0x87F8A000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x88200000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x8CE04000 \SystemRoot\system32\DRIVERS\igdkmd32.sys 0x8D43B000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x8D4DC000 \SystemRoot\System32\drivers\watchdog.sys 0x8D4E8000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x8D4F3000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x8D531000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x8D540000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x8D5CD000 \SystemRoot\system32\DRIVERS\Rtlh86.sys 0x8D5EA000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x87F99000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x87FA4000 \SystemRoot\system32\DRIVERS\SynTP.sys 0x8D5FD000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x87FD4000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x8CE00000 \SystemRoot\system32\DRIVERS\tdcmdpst.sys 0x87FDF000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x88000000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys 0x827B0000 \SystemRoot\system32\DRIVERS\msiscsi.sys 0x807B0000 \SystemRoot\system32\DRIVERS\storport.sys 0x827DF000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x805B5000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x827EA000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x805CC000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x807F1000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x8D80C000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x8D820000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x8D835000 \SystemRoot\system32\DRIVERS\termdd.sys 0x8D845000 \SystemRoot\system32\DRIVERS\swenum.sys 0x8D847000 \SystemRoot\system32\DRIVERS\ks.sys 0x8D871000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8D87B000 \SystemRoot\system32\DRIVERS\umbus.sys 0x8D888000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x8D8BD000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x8C400000 \SystemRoot\system32\drivers\RTKVHDA.sys 0x8D8CE000 \SystemRoot\system32\drivers\portcls.sys 0x8D8FB000 \SystemRoot\system32\drivers\drmk.sys 0x8D920000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys 0x8CA01000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys 0x8CB03000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys 0x8CBB8000 \SystemRoot\system32\drivers\modem.sys 0x8CBC5000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0x8CBCE000 \SystemRoot\System32\Drivers\Null.SYS 0x8CBD5000 \SystemRoot\System32\Drivers\Beep.SYS 0x8CBDC000 \SystemRoot\System32\drivers\vga.sys 0x8D95D000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x8CBE8000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x8CBF0000 \SystemRoot\system32\drivers\rdpencdd.sys 0x8D97E000 \SystemRoot\System32\Drivers\Msfs.SYS 0x8D989000 \SystemRoot\System32\Drivers\Npfs.SYS 0x8D997000 \SystemRoot\System32\DRIVERS\rasacd.sys 0x8D9A0000 \SystemRoot\system32\DRIVERS\tdx.sys 0x8D9B6000 \SystemRoot\system32\DRIVERS\smb.sys 0x8D9CA000 \SystemRoot\System32\DRIVERS\netbt.sys 0x8DE02000 \SystemRoot\system32\drivers\afd.sys 0x8DE4A000 \SystemRoot\system32\DRIVERS\pacer.sys 0x8DE60000 \SystemRoot\system32\DRIVERS\rtlprot.sys 0x8DE6A000 \SystemRoot\system32\DRIVERS\netbios.sys 0x8DE78000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x8DE8B000 \SystemRoot\system32\DRIVERS\ssmdrv.sys 0x8DE91000 \SystemRoot\System32\Drivers\SCDEmu.SYS 0x8DE9F000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x8DEDB000 \SystemRoot\system32\drivers\nsiproxy.sys 0x8DEE5000 \SystemRoot\System32\Drivers\dfsc.sys 0x8DEFC000 \SystemRoot\system32\DRIVERS\avipbb.sys 0x8DF1F000 \SystemRoot\system32\DRIVERS\RTL8187B.sys 0x8DF6F000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x8DF86000 \SystemRoot\System32\Drivers\UVCFTR_S.SYS 0x8DF8E000 \SystemRoot\System32\Drivers\usbvideo.sys 0x8DFAF000 \SystemRoot\System32\Drivers\crashdmp.sys 0x88129000 \SystemRoot\System32\Drivers\dump_iaStor.sys 0x9D400000 \SystemRoot\System32\win32k.sys 0x8DFBC000 \SystemRoot\System32\drivers\Dxapi.sys 0x8DFC6000 \SystemRoot\system32\DRIVERS\monitor.sys 0x9D620000 \SystemRoot\System32\TSDDD.dll 0x9D640000 \SystemRoot\System32\cdd.dll 0x8DFD5000 \SystemRoot\system32\drivers\luafv.sys 0x81604000 \SystemRoot\system32\DRIVERS\avgntflt.sys 0x81619000 \??\C:\Windows\system32\drivers\mbam.sys 0x8161D000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x8162D000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x81657000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x81661000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x81674000 \SystemRoot\system32\drivers\HTTP.sys 0x816E1000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x816FE000 \SystemRoot\system32\DRIVERS\bowser.sys 0x81717000 \SystemRoot\System32\drivers\mpsdrv.sys 0x8172C000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x8174B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x81784000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x8179C000 \SystemRoot\System32\DRIVERS\srv2.sys 0xB3E03000 \SystemRoot\System32\DRIVERS\srv.sys 0xB3E51000 \SystemRoot\system32\drivers\spsys.sys 0xB3F01000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys 0xB3F05000 \SystemRoot\system32\drivers\peauth.sys 0xB3FE3000 \SystemRoot\System32\Drivers\secdrv.SYS 0xB3FED000 \SystemRoot\System32\drivers\tcpipreg.sys 0x817C4000 \SystemRoot\system32\DRIVERS\XAudio32.sys 0x817CC000 \SystemRoot\system32\DRIVERS\cdfs.sys 0x77C70000 \Windows\System32\ntdll.dll Processes (total 59): 0 System Idle Process 4 System 532 C:\Windows\System32\smss.exe 600 csrss.exe 644 C:\Windows\System32\wininit.exe 652 csrss.exe 700 C:\Windows\System32\winlogon.exe 728 C:\Windows\System32\services.exe 748 C:\Windows\System32\lsass.exe 756 C:\Windows\System32\lsm.exe 916 C:\Windows\System32\svchost.exe 992 C:\Windows\System32\svchost.exe 1024 C:\Windows\System32\svchost.exe 1156 C:\Windows\System32\svchost.exe 1188 C:\Windows\System32\svchost.exe 1204 C:\Windows\System32\svchost.exe 1272 C:\Windows\System32\audiodg.exe 1292 C:\Windows\System32\svchost.exe 1312 C:\Windows\System32\SLsvc.exe 1364 C:\Windows\System32\svchost.exe 1488 C:\Windows\System32\svchost.exe 1688 C:\Windows\System32\spoolsv.exe 1712 C:\Program Files\Avira\AntiVir Desktop\sched.exe 1724 C:\Windows\System32\svchost.exe 1980 C:\Windows\System32\dwm.exe 1996 C:\Windows\System32\alg.exe 2004 C:\Windows\explorer.exe 308 C:\Program Files\Avira\AntiVir Desktop\avguard.exe 568 C:\Windows\System32\svchost.exe 1088 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 1264 C:\Windows\System32\taskeng.exe 1508 C:\Windows\System32\svchost.exe 1840 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 260 C:\Windows\System32\svchost.exe 1356 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe 2056 C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe 2100 C:\Windows\System32\TODDSrv.exe 2132 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 2156 C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe 2300 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE 2332 C:\Windows\System32\drivers\XAudio.exe 2512 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE 2644 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2660 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2680 C:\Program Files\Common Files\Java\Java Update\jusched.exe 3028 C:\Windows\System32\taskeng.exe 3312 C:\Windows\System32\wbem\unsecapp.exe 3488 WmiPrvSE.exe 3868 C:\Windows\System32\svchost.exe 3580 C:\Program Files\Windows Media Player\wmpnscfg.exe 2716 C:\Program Files\Windows Media Player\wmpnetwk.exe 2872 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 3328 C:\Windows\System32\svchost.exe 3484 C:\Program Files\Windows Mail\WinMail.exe 4048 C:\Program Files\Mozilla Firefox\firefox.exe 3132 dllhost.exe 3624 dllhost.exe 2368 C:\Users\Jérémy\Documents\Téléchargements\MBRCheck.exe 3732 C:\Windows\System32\conime.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS) \\.\E: --> \\.\PhysicalDrive0 at offset 0x0000000e`4d200000 (NTFS) PhysicalDrive0 Model Number: TOSHIBAMK1252GSX, Rev: LV010M Size Device Name MBR Status -------------------------------------------- 111 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979 Done!

Re Je suis administrateur, je ne dois pas avoir de restrictions. Il ny a pas de controle parental et zeb-restore n'a rien changé. Ai vérifié comme vu sur forum qq clés du registre comme HKCU/microsoft/windows/CurrentVersion/policies/explorer. Je n'ai pas idées pour rechercher, si tu en as merci.

Re, Le PC fonctionne super, merci beaucoup de ton aide et de ta patience... Oui dans l'onglet organiser, il y a option des dossiers et recherche, et la opération annulée en veru des restrictions apportées à cet ordinateur. De meme dans la panneau de configuration, je ne peux pas ouvrir options des dossiers qui fourni à peu pres les memes outils.

Bjr, Merci de suivre et désolé si j'ai fait une erreur en répondant. En haut c'est marqué arrter de suivre ce sujet, je ne touche pas et là ai cliqué ajouter une réponse. Le PC semble fonctionner normalement, il ne manque que l'acces à options des dossiers et options des dossiers et recherche en étant sur un dossier dans l'outil organiser. Ci-dessous l'analyse All processes killed ========== OTL ========== Service wampmysqld stopped successfully! Service wampmysqld deleted successfully! Service wampapache stopped successfully! Service wampapache deleted successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{14f0d511-36a2-41ca-ae01-ba4f87282c97} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14f0d511-36a2-41ca-ae01-ba4f87282c97}\ not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultName| /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {C3F79A2B-B9B4-4A66-B012-3EE46475B072} Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. C:\Lop SD\Backup-Lop\Reg folder moved successfully. C:\Lop SD\Backup-Lop folder moved successfully. C:\Lop SD folder moved successfully. C:\Users\Jérémy\Desktop\LopSD.exe moved successfully. C:\lopR.txt moved successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 0 bytes User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 56587 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Invité ->Temp folder emptied: 0 bytes User: Jérémy ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 12226902 bytes ->Java cache emptied: 54869794 bytes ->FireFox cache emptied: 48085821 bytes ->Google Chrome cache emptied: 0 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 1648 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 11485 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 110,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.17.3 log created on 11192010_135918 Files\Folders moved on Reboot... C:\Users\Jérémy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\C9320E64-EE0F-4422-B6DA-C0F3768C080E.dat moved successfully. C:\Users\Jérémy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully. C:\Users\Jérémy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LKKAD4YS\pc-infecte-t180988[1].htm moved successfully. C:\Users\Jérémy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K5N3KSBK\like[1].htm moved successfully. C:\Users\Jérémy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9R6MIN5D\ban_home_728x90[1].htm moved successfully. C:\Users\Jérémy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1211H8CZ\afr[1].htm moved successfully. Registry entries deleted on Reboot...

Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- Reg Error: Value error. htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0AFD45A2-322C-46FF-8642-EE164AD2AB3B}" = rport=139 | protocol=6 | dir=out | app=system | "{20A75116-6D63-4F82-B6C5-DA964ABE1B04}" = rport=138 | protocol=17 | dir=out | app=system | "{224D2114-2FB9-4BB7-9DA2-4468380C4BAC}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 | "{31FA9F85-FFAA-4923-AC8B-CECE419D90B3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{452359B8-8C5F-4A25-A0C6-8F51DF00734D}" = rport=445 | protocol=6 | dir=out | app=system | "{463F59B6-1E6A-4F9C-A820-AC6DA1022D76}" = rport=137 | protocol=17 | dir=out | app=system | "{48072C81-22F7-47AA-B08A-76A9AAAF8A46}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp | "{4D7CD36C-B6CA-482A-A6CE-7F8C219F9BD4}" = lport=445 | protocol=6 | dir=in | app=system | "{9FE07AE1-6BA3-4A0A-8050-B47B81DE5AC0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{A4D4D5C3-4F08-4628-B15D-9BB9BFA5CEC3}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp | "{A6D7C16E-7BB9-4ED0-919C-DB1968A9BA81}" = lport=139 | protocol=6 | dir=in | app=system | "{B95B0101-6D3F-4222-9387-3878431F3A29}" = lport=138 | protocol=17 | dir=in | app=system | "{C37F2CCF-27FE-4F6B-AAB0-177A8219C39B}" = lport=137 | protocol=17 | dir=in | app=system | "{DB104328-B792-40BA-B2A0-85D10F9D534D}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 | "{E949EE84-2E2B-410B-8700-6FCC9A8C8A6D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{ECD64B0C-BF7E-465A-A96A-50840C253CB5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F81EAD27-C3D3-4426-A6F9-88BA79BAB703}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03DC1A5F-B40A-4F27-B973-99F0D2AA5E3A}" = protocol=1 | dir=out | [email protected],-28544 | "{06CE3376-0429-473D-A0FC-F6C4E4613B87}" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "{0DEAB4D6-9512-47AD-BCC6-E6A66E238BAF}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{146FFC12-6895-4C6E-807B-A5114FAE0387}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{1E974696-2F4B-481C-A4C9-A74E5010D9BD}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{21FC52DE-4691-4258-8AC4-2433B82DFA90}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{276CF3AA-64C6-4A8A-A971-D7A1E8F9BE0A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{34FBD42D-1C1A-4643-A578-629E7CC6EBF2}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{3856A519-4080-4B47-BB6F-965DCED31FC2}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{399230E4-1B3E-488A-B0C0-ECDBEA0A2245}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{3D369D0C-D46B-40D0-B60B-B9B6A20B8810}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{3F9F94F5-F3B5-4151-B92E-04548B683E42}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{44118C89-4FF4-40B8-B61A-D21E56FF3570}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{4D67C7DC-1D8D-41CE-8E17-AA5DD1F1A375}" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "{4DE3CF87-2E94-43F7-B52A-044AB82865DB}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{4F71FD74-DCAC-43C0-8365-10738C7DF3CA}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{503A66D4-9D61-468B-B4DC-37D8E50AD90E}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{53425706-BB32-4A6F-B1D6-7FFAAD3F41A8}" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "{55364A64-FA58-48F0-B1A4-52D9BD261903}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{5D16314A-E98D-414C-9563-2A422F9B3BDA}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{5E02FA91-1B01-4425-8AD2-60AC3329D14D}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{5E96CEAF-5EC7-473B-9C7B-DA0D25E2A298}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{65EAFD1A-7FEA-407A-8FF7-2BE23BC0FAB8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{670093A5-1953-4404-A9EC-CF9CBB1D7B02}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{67B7AA4E-78FB-40B3-A5A6-899FE450F0B5}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{69DF7DC9-A90F-41C3-B4EC-0B4B549DC1B7}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{6AB9C6CF-B121-4FC4-B479-3612B38EA469}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{6CAD3EED-365E-44F3-A225-BC5B5FFFE6AE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6CBB4FCA-0A67-43E1-935F-043843A14F7E}" = protocol=58 | dir=out | [email protected],-28546 | "{77BE3E79-6E80-4212-8F05-80BBD9E2F270}" = dir=in | app=c:\windows\explorer.exe | "{7ACC6E87-8C12-4adb-91B7-EFC3F2F4705A}" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "{7B365068-BE9E-423C-A11E-FC6DCE12B95B}" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "{7FE2A168-A90C-4803-A609-2EA06F836125}" = dir=in | app=f:\setup\hpznui01.exe | "{87FF938E-2029-41F4-9532-327E70E66566}" = protocol=6 | dir=in | app=c:\program files\sfr\media center\httpd\httpd.exe | "{88ADEFFA-AD38-4BAB-997E-C32A962AD929}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{8EB12418-A71C-40E1-89B9-F9C52928AEB8}" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "{8F688CE9-D295-491E-AF77-45CD16F0A344}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{92459C5E-D350-4cba-AA74-C8F989C9336F}" = protocol=17 | dir=out | app=c:\windows\explorer.exe | "{99D69130-DB17-4D1E-8E79-AEE151B81CFC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{9CB05515-257C-4C03-95EC-634272322F71}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{A735F854-AF0D-479F-8EFF-88A67CBFF8BC}" = protocol=6 | dir=in | app=c:\program files\lecteur canalplay\canalplayer.exe | "{A8377D18-DD29-480D-BD00-FF8376DB65E3}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{AB029F55-B492-4B6C-A427-AE4ED33B465D}" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "{AD6A27A4-21D1-4500-8F0E-0F7A63D0DEC3}" = protocol=58 | dir=in | [email protected],-28545 | "{AE5EDBC9-90F9-4BA7-8831-ABD0D749E6A5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{B078B2B6-A878-44ff-9BCC-458257924F96}" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "{B1A40E4F-58DB-490f-9D18-55B5194E8BD5}" = protocol=6 | dir=out | app=c:\windows\explorer.exe | "{B1E80ADF-0438-4C74-BCB3-A9830EC32B7D}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{B3AD20D0-E585-462C-9E5D-D3B17FE09195}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{BA1AB6CD-4306-4C30-847E-6107040F06F8}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{C3E9B20A-B7E2-4aab-9835-3C548937E46F}" = dir=out | app=c:\windows\explorer.exe | "{C45FAB61-2251-479C-8B9B-A87ACB9EF00F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{C797418C-729B-414E-8405-F22B99D3D8E1}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{CA869A59-6E36-4765-A295-3B2A10DD043A}" = protocol=1 | dir=in | [email protected],-28543 | "{CD263584-992A-4604-8958-4BE6B1E695DD}" = protocol=6 | dir=out | app=%systemroot%\explorer.exe | "{D088C219-1077-415D-AB1A-F3AA876FC79D}" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "{D491EC2D-8DA7-46E2-AA88-71A3025A5D70}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{D4B8ED9E-37FC-4940-B8C2-DB30584AFF26}" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "{D7D8A3D4-B027-4866-8C9C-E5172D462D01}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{DD9D204C-D7B7-4DAA-BA59-38E64B5D8859}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{E54D65C6-E190-4A01-AB20-2DF17C5A11FE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{E564C0D3-C5D5-460F-8201-ADEB309C06DE}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{E5A62F6E-8B88-46F4-9BA8-A9D5CB5632DB}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{E5DB619A-1B4A-4BEE-AC39-780E9EE521A2}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{E5E3EA8E-9480-4EE7-A3C2-6BDAB5D02BEB}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{EB3A94BE-6063-4568-ADA6-858E5CCA9969}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "{F2C97419-1937-4AA4-8097-E8AF5C23459F}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{FAF79FE7-2E3E-4FDD-8B79-33DB9D6F4047}" = protocol=17 | dir=in | app=c:\program files\sfr\media center\httpd\httpd.exe | "{FE9B681C-274E-4AD1-89DD-C2CDCAAA093D}" = protocol=17 | dir=in | app=c:\program files\lecteur canalplay\canalplayer.exe | "{FF4FFD95-AEC0-4347-AF93-5D609A61E794}" = protocol=6 | dir=in | app=%systemroot%\explorer.exe | "TCP Query User{04DB6197-24A9-453A-9794-3D02A89F509A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{14E5A35F-6844-4347-B352-56AB7F19FB92}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "TCP Query User{18067340-A64C-45EA-AD55-4CF3871B97AF}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe | "TCP Query User{22EE6120-F87D-422B-A791-99E731B31996}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe | "TCP Query User{2A56D489-1ABC-4B57-83DB-39941508A1F0}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{2EA8033D-D73E-43D2-8E83-662F62918270}C:\program files\rayv\rayv\rayv.exe" = protocol=6 | dir=in | app=c:\program files\rayv\rayv\rayv.exe | "TCP Query User{3A0199E5-6EF8-4613-9879-49B9AB544624}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "TCP Query User{524EF334-BEF1-44C9-B692-6DBB5A5AE298}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{5852236B-C69B-40DA-B182-2E42AC76AC93}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{6E96E8C9-2B3C-4A23-A517-CDAFCFEAD7D3}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{73CED6DD-1B82-428F-B4E5-7B9DBE078F50}C:\program files\sfr\media center\httpd\httpd.exe" = protocol=6 | dir=in | app=c:\program files\sfr\media center\httpd\httpd.exe | "TCP Query User{8F444DE6-B8CE-4655-81A7-E4DE24C952AB}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe | "TCP Query User{97BD3866-FB24-4700-80DA-65F1F3DCDF37}C:\program files\multi file downloader\multifiledownloader.exe" = protocol=6 | dir=in | app=c:\program files\multi file downloader\multifiledownloader.exe | "TCP Query User{A42445B7-B164-450C-B4D7-5FFDAAEAB5EC}C:\program files\shareaza\shareaza.exe" = protocol=6 | dir=in | app=c:\program files\shareaza\shareaza.exe | "TCP Query User{C3961581-B74C-4CEA-B4A2-EB013F31E167}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{FFE1D063-16DF-44D9-BAD9-5E3CFBC0A3C7}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "UDP Query User{095D5AC4-A7D6-445D-A8B0-A41840CEE00E}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "UDP Query User{101A9AF2-B15B-4535-B57E-A4619E7250EE}C:\program files\rayv\rayv\rayv.exe" = protocol=17 | dir=in | app=c:\program files\rayv\rayv\rayv.exe | "UDP Query User{1B4BF8C1-257C-4E5D-A3D3-082BF56832C4}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe | "UDP Query User{21E91FD1-FCDA-46F8-BDCA-5171F8A514B2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{2DCDBFA7-63D2-4BF4-8CAE-5C482A325203}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "UDP Query User{388069C4-96C8-4DE5-AF05-F0D03244D735}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "UDP Query User{5556D1A7-E00C-4B8C-A064-E7992BA8F2DC}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{5C86F3B0-D911-4F11-BB4E-9CB30610D394}C:\program files\shareaza\shareaza.exe" = protocol=17 | dir=in | app=c:\program files\shareaza\shareaza.exe | "UDP Query User{603F7DED-4A06-4EE4-87B5-83999B6852CA}C:\program files\multi file downloader\multifiledownloader.exe" = protocol=17 | dir=in | app=c:\program files\multi file downloader\multifiledownloader.exe | "UDP Query User{8485D49A-FA76-4FF6-ACA7-17E3EC4ECE3E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{8AEE6FD4-6F69-4873-B340-0D21A1D9AF2E}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe | "UDP Query User{AB0B55A2-81BD-4CAA-A00C-7DEA7C175C0F}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "UDP Query User{B2B7BDDC-A074-4148-A663-93E632CA75FE}C:\program files\sfr\media center\httpd\httpd.exe" = protocol=17 | dir=in | app=c:\program files\sfr\media center\httpd\httpd.exe | "UDP Query User{CF7DA35B-2856-4D52-B081-A465FF303466}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "UDP Query User{DA8DC5B9-CF61-4FEF-9185-D2ACBEA971B0}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "UDP Query User{E88DA715-BB93-4339-873C-F26B6ECC99BB}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0271A4CB-D48C-4CDF-826F-62EE8D91663F}_is1" = WahOO "{02CA24DD-C8B0-4280-BE53-7862869C2EB1}" = Realtek WiFi Protected Setup Library "{04DA096D-6236-4A5D-8FB6-3081E67009BA}" = Lecteur CANAL "{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller "{09180081-2C94-4A67-8E55-8483C019C7D2}" = Microsoft Encarta 2009 - Collection "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1 "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist "{134EE273-0F1C-4A5B-817D-13111DB75B14}" = B109n-z "{14E3D14B-7852-477D-ACE2-895AF4322804}" = Ma-Config.com "{15A6D20D-E6A1-49AE-8BCA-CFBCF25DE5FD}" = WinTask 3.7a "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 22 "{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photorécit 3 pour Windows "{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS "{5B1DD5AA-FF34-4D6E-A912-CB46BB7378DC}" = Manuels TOSHIBA "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{66D475AE-F18B-43A0-8BAF-61AF4403E339}" = Webcam 1200 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{722B4A13-F24D-43AE-8813-5DB82C0B23C2}" = HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder "{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree "{7B0A8F0E-3672-4DA5-9540-A8D0171C38D8}" = TuneUp Utilities Language Pack (fr-FR) "{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update "{8466940C-84D8-484C-B1E3-C2E4D73FD5DD}" = PS_AIO_06_B109n-z_SW_Min "{857CBF4A-192C-44B0-86A5-6281FCEFA1FE}" = FileOpen Client "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista "{895722FE-25FE-4854-95AC-B0C42F9DBEDA}" = REALTEK RTL8187B Wireless LAN Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit du lecteur de CD/DVD "{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime "{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}" = Microsoft Antimalware Service FR-FR Language Pack "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1036-7B44-A82000000003}" = Adobe Reader 8.2.5 - Français "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C71890B6-A81A-47D2-85A0-AD2269556FD1}" = Management-Ware Contact List Builder "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D9267488-4DC9-4D6B-866D-40E19A23CC04}_is1" = 9Giga Synchro v2.9.2 "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware "{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher "{E9E37358-E3E1-47BA-9E21-375EF3616BC9}" = Lecteur CANALPLAY 2.4 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA "{F23785D1-8C3C-44A1-A765-13E1F4870223}" = Google Désactivation du cookie publicitaire "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety "{FCFBA290-CB48-4AF1-A241-2685AEDEDD66}" = Windows Live Family Safety "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "afplanet" = AnglaisFacile.com - Planet English "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Camfrog 5.5" = Camfrog Video Chat 5.5 "CCleaner" = CCleaner "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI "EA Download Manager" = EA Download Manager "editus" = Annuaires du Luxembourg 2007 "Google Chrome" = Google Chrome "HDMI" = Intel® Graphics Media Accelerator Driver "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Print Projects" = HP Print Projects 1.0 "HP Smart Web Printing" = HP Smart Web Printing 4.60 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HTML Help Workshop" = HTML Help Workshop "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder "InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "jv16 PowerTools_is1" = jv16 PowerTools 1.3 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Management-Ware Contact List Builder" = Management-Ware Contact List Builder "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Microsoft Security Essentials" = Microsoft Security Essentials "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "Neuf_Kit" = Neuf - Kit de connexion "Neuf_TV_PC" = TV sur PC "Notepad++" = Notepad++ "PokerStars.fr" = PokerStars.fr "PowerISO" = PowerISO "SFR" = Désinstallation du SFR Video Manager "SFR_Media Center" = SFR - Media Center "SynTPDeinstKey" = Synaptics Pointing Device Driver "TuneUp Utilities" = TuneUp Utilities "UltraDefrag" = Ultra Defragmenter "VLC media player" = VLC media player 1.0.5 "Winamp" = Winamp "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "WinLiveSuite" = Windows Live "WinRAR archiver" = Logiciel d'archivage WinRAR "Xvid_is1" = Xvid 1.2.2 final uninstall "Zeb Help Process_is1" = ZebHelpProcess 2.38 "ZHPDiag_is1" = ZHPDiag 1.25 "ZHPFix_is1" = ZHPFix 1.12 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "fc08-FR_CANALPLUS_MAIN" = Footeball Challenge 2008 (Canal+) "Moniteur neufbox" = Moniteur neufbox ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 23/09/2009 03:31:07 | Computer Name = PC-de-Jérémy | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18813, horodatage 0x4a6621ae, module défaillant Flash10c.ocx, version 10.0.32.18, horodatage 0x4a613d79, code d’exception 0xc0000005, décalage d’erreur 0x001579a2, ID du processus 0x92c, heure de début de l’application 0x01ca3c1cb93bb040. Error - 23/09/2009 03:45:30 | Computer Name = PC-de-Jérémy | Source = Application Hang | ID = 1002 Description = Le programme iexplore.exe version 8.0.6001.18813 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 116c Heure de début : 01ca3c1cb8f909c0 Heure de fin : 61 Error - 23/09/2009 06:48:15 | Computer Name = PC-de-Jérémy | Source = Application Error | ID = 1000 Description = Application défaillante patch.CORE.exe, version 0.0.0.0, horodatage 0x4ab31952, module défaillant patch.CORE.exe, version 0.0.0.0, horodatage 0x4ab31952, code d’exception 0xc0000005, décalage d’erreur 0x00001b86, ID du processus 0xd94, heure de début de l’application 0x01ca3c3b58777040. Error - 23/09/2009 11:21:55 | Computer Name = PC-de-Jérémy | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18813, horodatage 0x4a6621ae, module défaillant Flash10c.ocx, version 10.0.32.18, horodatage 0x4a613d79, code d’exception 0xc0000005, décalage d’erreur 0x001579a2, ID du processus 0xe10, heure de début de l’application 0x01ca3c5e066f99d0. Error - 23/09/2009 11:23:06 | Computer Name = PC-de-Jérémy | Source = Application Hang | ID = 1002 Description = Le programme iexplore.exe version 8.0.6001.18813 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 7ec Heure de début : 01ca3c5dd6f50780 Heure de fin : 0 Error - 23/09/2009 11:32:24 | Computer Name = PC-de-Jérémy | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18813, horodatage 0x4a6621ae, module défaillant Flash10c.ocx, version 10.0.32.18, horodatage 0x4a613d79, code d’exception 0xc0000005, décalage d’erreur 0x001579a2, ID du processus 0xbb8, heure de début de l’application 0x01ca3c621dc5db40. Error - 23/09/2009 11:39:26 | Computer Name = PC-de-Jérémy | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18813, horodatage 0x4a6621ae, module défaillant Flash10c.ocx, version 10.0.32.18, horodatage 0x4a613d79, code d’exception 0xc0000005, décalage d’erreur 0x00157429, ID du processus 0x1770, heure de début de l’application 0x01ca3c6339527ac0. Error - 23/09/2009 12:03:03 | Computer Name = PC-de-Jérémy | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18813, horodatage 0x4a6621ae, module défaillant Flash10c.ocx, version 10.0.32.18, horodatage 0x4a613d79, code d’exception 0xc0000005, décalage d’erreur 0x001579a2, ID du processus 0x1140, heure de début de l’application 0x01ca3c66c3c375d0. Error - 23/09/2009 12:59:41 | Computer Name = PC-de-Jérémy | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 8.0.6001.18813, horodatage 0x4a6621ae, module défaillant Flash10c.ocx, version 10.0.32.18, horodatage 0x4a613d79, code d’exception 0xc0000005, décalage d’erreur 0x001579a2, ID du processus 0x1740, heure de début de l’application 0x01ca3c6e21d68b10. Error - 23/09/2009 13:58:59 | Computer Name = PC-de-Jérémy | Source = WinMgmt | ID = 10 Description = [ Canal+ Events ] Error - 21/04/2009 23:18:13 | Computer Name = PC-de-Jérémy | Source = VideoOnDemand | ID = 0 Description = IdentityHandler : Le thread a été abandonné. Error - 21/04/2009 23:18:13 | Computer Name = PC-de-Jérémy | Source = VideoOnDemand | ID = 0 Description = ServicesAdapter::ProcessRequest : Le thread a été abandonné. Error - 22/04/2009 08:50:25 | Computer Name = PC-de-Jérémy | Source = VideoOnDemand | ID = 0 Description = IdentityHandler : Le thread a été abandonné. Error - 22/04/2009 08:50:25 | Computer Name = PC-de-Jérémy | Source = VideoOnDemand | ID = 0 Description = ServicesAdapter::ProcessRequest : Le thread a été abandonné. Error - 26/06/2009 21:57:14 | Computer Name = PC-de-Jérémy | Source = VideoOnDemand | ID = 0 Description = Application.RegisterObjects : L'enregistrement COM de "CanalPlus.VOD.HtmlAdapter.dll" a échoué Error - 26/06/2009 21:57:14 | Computer Name = PC-de-Jérémy | Source = VideoOnDemand | ID = 0 Description = Application.RegisterObjects : L'enregistrement COM de "DRMHelper.dll" a échoué Error - 13/07/2009 18:56:40 | Computer Name = PC-de-Jérémy | Source = VideoOnDemand | ID = 0 Description = Application.UpdateCore : Le thread a été abandonné. Error - 05/09/2009 13:33:06 | Computer Name = PC-de-Jérémy | Source = VideoOnDemand | ID = 0 Description = ServicesAdapter::ProcessRequest : Le thread a été abandonné. Error - 13/09/2009 16:18:34 | Computer Name = PC-de-Jérémy | Source = VideoOnDemand | ID = 0 Description = Application.UpdateCore : Balisage DTD attendu introuvable. Ligne 2, position 3. Error - 13/09/2009 16:18:35 | Computer Name = PC-de-Jérémy | Source = VideoOnDemand | ID = 0 Description = Application.UpdateWidget : Balisage DTD attendu introuvable. Ligne 2, position 3. [ System Events ] Error - 18/11/2010 04:58:52 | Computer Name = PC-de-Jérémy | Source = Service Control Manager | ID = 7026 Description = Error - 18/11/2010 05:27:04 | Computer Name = PC-de-Jérémy | Source = Service Control Manager | ID = 7034 Description = Error - 18/11/2010 05:27:33 | Computer Name = PC-de-Jérémy | Source = Service Control Manager | ID = 7030 Description = Error - 18/11/2010 05:42:10 | Computer Name = PC-de-Jérémy | Source = Service Control Manager | ID = 7030 Description = Error - 18/11/2010 14:19:41 | Computer Name = PC-de-Jérémy | Source = Service Control Manager | ID = 7030 Description = Error - 18/11/2010 14:37:50 | Computer Name = PC-de-Jérémy | Source = Service Control Manager | ID = 7030 Description = Error - 18/11/2010 14:38:11 | Computer Name = PC-de-Jérémy | Source = Service Control Manager | ID = 7030 Description = Error - 18/11/2010 14:41:20 | Computer Name = PC-de-Jérémy | Source = Service Control Manager | ID = 7001 Description = Error - 18/11/2010 14:41:20 | Computer Name = PC-de-Jérémy | Source = Service Control Manager | ID = 7023 Description = Error - 18/11/2010 14:41:20 | Computer Name = PC-de-Jérémy | Source = Service Control Manager | ID = 7026 Description = [ TuneUp Events ] Error - 12/05/2010 10:37:38 | Computer Name = PC-de-Jérémy | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 12/05/2010 11:39:33 | Computer Name = PC-de-Jérémy | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 12/05/2010 14:35:49 | Computer Name = PC-de-Jérémy | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 13/05/2010 00:17:18 | Computer Name = PC-de-Jérémy | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 13/05/2010 00:17:34 | Computer Name = PC-de-Jérémy | Source = TuneUp.UtilitiesSvc | ID = 300 Description = Error - 13/05/2010 00:19:19 | Computer Name = PC-de-Jérémy | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 13/05/2010 05:28:16 | Computer Name = PC-de-Jérémy | Source = TuneUp.UtilitiesSvc | ID = 300 Description = Error - 13/05/2010 05:56:44 | Computer Name = PC-de-Jérémy | Source = TuneUp.UtilitiesSvc | ID = 300 Description = Error - 13/05/2010 08:18:42 | Computer Name = PC-de-Jérémy | Source = TuneUp.UtilitiesSvc | ID = 300 Description = Error - 13/05/2010 08:43:35 | Computer Name = PC-de-Jérémy | Source = TuneUp.UtilitiesSvc | ID = 300 Description = < End of report >

ComboFix 10-11-17.02 - Jérémy 18/11/2010 19:20:47.4.1 - x86 Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.2037.1003 [GMT 1:00] Lancé depuis: c:\users\Jérémy\Desktop\ComboFix.exe Commutateurs utilisés :: c:\users\Jérémy\Desktop\CFScript.txt SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_dqxuasr -------\Service_WinTaskAdmin ((((((((((((((((((((((((((((( Fichiers créés du 2010-10-18 au 2010-11-18 )))))))))))))))))))))))))))))))))))) . 2010-11-18 18:37 . 2010-11-18 18:43 -------- d-----w- c:\users\Jérémy\AppData\Local\temp 2010-11-18 18:37 . 2010-11-18 18:37 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-11-18 18:37 . 2010-11-18 18:37 -------- d-----w- c:\users\Invité\AppData\Local\temp 2010-11-18 18:37 . 2010-11-18 18:37 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-11-18 18:37 . 2010-11-18 18:37 -------- d-----w- c:\users\Administrateur\AppData\Local\temp 2010-11-18 14:42 . 2010-11-18 14:50 -------- d-----w- C:\Lop SD 2010-11-17 14:35 . 2010-11-17 14:35 -------- d-----w- c:\program files\ESET 2010-11-17 14:06 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A690586-FA34-4CB1-92BE-0A35DC716480}\mpengine.dll 2010-11-17 14:04 . 2010-11-18 08:29 -------- d-----w- c:\windows\Logs 2010-11-17 12:54 . 2010-11-17 12:54 -------- d-----w- c:\users\Jérémy\Recent 2010-11-16 14:30 . 2010-11-16 14:30 -------- d-----w- c:\program files\jv16 PowerTools 2010-11-16 13:14 . 2010-11-16 13:14 -------- d-----w- c:\users\Jérémy\AppData\Roaming\FileOpen 2010-11-16 11:54 . 2010-11-16 11:54 -------- d-----w- c:\users\Jérémy\AppData\Roaming\Macromedia 2010-11-14 16:24 . 2010-11-14 16:24 -------- d-----w- c:\users\Jérémy\AppData\Roaming\Avira 2010-11-14 16:21 . 2010-08-17 12:39 126856 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-11-14 16:21 . 2010-08-17 12:39 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-11-14 16:21 . 2010-11-14 16:21 -------- d-----w- c:\programdata\Avira 2010-11-14 16:21 . 2010-11-14 16:21 -------- d-----w- c:\program files\Avira 2010-11-14 12:18 . 2010-11-15 18:03 -------- d-----w- c:\program files\trend micro 2010-11-11 12:50 . 2010-11-12 18:49 -------- d-----w- c:\program files\AutomateBuilder 2010-11-10 21:43 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2010-11-07 19:44 . 2010-11-07 19:44 -------- d-----w- c:\program files\PowerISO 2010-11-05 08:03 . 2010-11-05 08:03 -------- d-----w- c:\users\Jérémy\AppData\Roaming\Management-Ware Solutions Inc 2010-11-05 08:03 . 2010-11-05 08:03 -------- dc-h--w- c:\programdata\{0B060988-B414-420C-BAAC-D4320DF97431} 2010-10-26 23:22 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll 2010-10-26 23:21 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-10-26 23:21 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-10-26 09:51 . 2010-10-26 09:51 -------- d-----w- c:\program files\TrendMicro 2010-10-22 16:00 . 2010-10-22 16:00 -------- d-----w- c:\windows\fr 2010-10-22 16:00 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2010-10-22 15:55 . 2009-09-04 15:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2010-10-22 15:55 . 2009-09-04 15:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2010-10-22 15:55 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2010-10-21 12:01 . 2010-10-21 12:01 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\9ee0c0381cb71172b\InstallManager_WLE_WLE.exe 2010-10-21 11:58 . 2010-10-21 11:58 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\49b9e4681cb71171f\MeshBetaRemover.exe 2010-10-21 11:56 . 2010-10-21 11:56 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\d87e3781cb711718\DXSETUP.exe 2010-10-21 11:56 . 2010-10-21 11:56 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\d87e3781cb711718\dsetup32.dll 2010-10-21 11:56 . 2010-10-21 11:56 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\d87e3781cb711718\DSETUP.dll 2010-10-21 11:56 . 2010-10-21 11:56 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\6d409a81cb711717\DSETUP.dll 2010-10-21 11:56 . 2010-10-21 11:56 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\6d409a81cb711717\DXSETUP.exe 2010-10-21 11:56 . 2010-10-21 11:56 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\6d409a81cb711717\dsetup32.dll 2010-10-21 11:53 . 2010-11-16 00:23 -------- d-----w- c:\users\Jérémy\AppData\Local\Windows Live 2010-10-21 11:52 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-16 17:45 . 2008-02-15 13:50 319456 ----a-w- c:\windows\DIFxAPI.dll 2010-10-19 20:51 . 2009-10-03 03:48 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-07 15:21 . 2009-11-04 12:48 6146896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2010-09-24 07:49 . 2010-09-24 07:49 8704 ----a-w- c:\windows\system32\bootexctrl.exe 2010-09-24 07:49 . 2010-09-24 07:49 11776 ----a-w- c:\windows\system32\wgx.dll 2010-09-24 07:49 . 2010-09-24 07:49 24576 ----a-w- c:\windows\system32\udefrag.exe 2010-09-24 07:49 . 2010-09-24 07:49 14848 ----a-w- c:\windows\system32\lua5.1a_gui.exe 2010-09-24 07:49 . 2010-09-24 07:49 10752 ----a-w- c:\windows\system32\lua5.1a.exe 2010-09-24 07:48 . 2010-09-24 07:48 92160 ----a-w- c:\windows\system32\lua5.1a.dll 2010-09-24 07:48 . 2010-09-24 07:48 8192 ----a-w- c:\windows\system32\udefrag.dll 2010-09-24 07:48 . 2010-09-24 07:48 6144 ----a-w- c:\windows\system32\hibernate4win.exe 2010-09-24 07:48 . 2010-09-24 07:48 48640 ----a-w- c:\windows\system32\udefrag-kernel.dll 2010-09-24 07:48 . 2010-09-24 07:48 47104 ----a-w- c:\windows\system32\zenwinx.dll 2010-09-24 07:48 . 2010-09-24 07:48 88064 ----a-w- c:\windows\system32\defrag_native.exe 2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll 2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR 2010-09-15 02:50 . 2010-05-10 08:26 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-09-13 13:56 . 2010-10-14 10:12 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2010-09-10 07:33 . 2010-10-13 16:10 13256 ----a-w- c:\users\Jérémy\cc_20100910_073352.reg 2010-09-10 07:33 . 2010-10-13 16:10 13256 ----a-w- c:\users\Jérémy\cc_20100910_073352.reg 2010-09-06 16:20 . 2010-10-14 10:12 125952 ----a-w- c:\windows\system32\srvsvc.dll 2010-09-06 16:19 . 2010-10-14 10:12 17920 ----a-w- c:\windows\system32\netevent.dll 2010-09-06 13:45 . 2010-10-14 10:12 304128 ----a-w- c:\windows\system32\drivers\srv.sys 2010-09-06 13:45 . 2010-10-14 10:12 145408 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-09-06 13:45 . 2010-10-14 10:12 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2010-08-31 22:46 . 2010-10-11 20:34 1355264 ----a-w- c:\windows\system32\jscript9.dll 2010-08-31 22:44 . 2010-10-11 20:34 367104 ----a-w- c:\windows\system32\html.iec 2010-08-31 22:44 . 2010-10-11 20:34 1448448 ----a-w- c:\windows\system32\inetcpl.cpl 2010-08-31 22:44 . 2010-10-11 20:34 1122304 ----a-w- c:\windows\system32\wininet.dll 2010-08-31 22:44 . 2010-10-11 20:34 424960 ----a-w- c:\windows\system32\vbscript.dll 2010-08-31 22:43 . 2010-10-11 20:34 23552 ----a-w- c:\windows\system32\licmgr10.dll 2010-08-31 22:43 . 2010-10-11 20:34 72704 ----a-w- c:\windows\system32\SetDepNx.exe 2010-08-31 22:43 . 2010-10-11 20:34 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2010-08-31 22:43 . 2010-10-11 20:34 114176 ----a-w- c:\windows\system32\iesysprep.dll 2010-08-31 22:43 . 2010-10-11 20:34 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2010-08-31 22:43 . 2010-10-11 20:34 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2010-08-31 22:42 . 2010-10-11 20:34 51200 ----a-w- c:\windows\system32\admparse.dll 2010-08-31 22:42 . 2010-10-11 20:34 75264 ----a-w- c:\windows\system32\iesetup.dll 2010-08-31 22:42 . 2010-10-11 20:34 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2010-08-31 22:42 . 2010-10-11 20:34 150016 ----a-w- c:\windows\system32\iexpress.exe 2010-08-31 22:42 . 2010-10-11 20:34 149504 ----a-w- c:\windows\system32\wextract.exe 2010-08-31 22:42 . 2010-10-11 20:34 33280 ----a-w- c:\windows\system32\imgutil.dll 2010-08-31 22:42 . 2010-10-11 20:34 48640 ----a-w- c:\windows\system32\mshtmler.dll 2010-08-31 22:42 . 2010-10-11 20:34 11264 ----a-w- c:\windows\system32\mshta.exe 2010-08-31 22:42 . 2010-10-11 20:34 2381824 ----a-w- c:\windows\system32\mshtml.tlb 2010-08-31 22:42 . 2010-10-11 20:34 63488 ----a-w- c:\windows\system32\tdc.ocx 2010-08-31 22:41 . 2010-10-11 20:34 160768 ----a-w- c:\windows\system32\msls31.dll 2010-08-31 15:46 . 2010-10-14 10:10 954752 ----a-w- c:\windows\system32\mfc40.dll 2010-08-31 15:46 . 2010-10-14 10:10 954288 ----a-w- c:\windows\system32\mfc40u.dll 2010-08-31 15:44 . 2010-10-14 10:13 531968 ----a-w- c:\windows\system32\comctl32.dll 2010-08-31 13:27 . 2010-10-14 10:09 2038272 ----a-w- c:\windows\system32\win32k.sys 2010-08-26 16:37 . 2010-10-14 10:10 157184 ----a-w- c:\windows\system32\t2embed.dll 2010-08-26 16:33 . 2010-10-26 23:21 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll 2010-08-26 16:33 . 2010-10-26 23:21 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2010-08-26 16:33 . 2010-10-26 23:21 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll 2010-08-26 16:33 . 2010-10-26 23:21 542720 ----a-w- c:\windows\apppatch\AcLayers.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Connexion SFR 9props.exe"="c:\program files\Neuf\Kit\9props.exe" [2008-01-15 1103088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904] "MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768] c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2007-7-27 389120] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoWinKeys"= 1 (0x1) "NoSMMyDocs"= 1 (0x1) "NoFavoritesMenu"= 1 (0x1) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoUpdate Monitor.lnk] backup=c:\windows\pss\AutoUpdate Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^Jérémy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^syspck32.exe] backupExtension=.Startup [HKLM\~\startupfolder\C:^Users^Jérémy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TRDCReminder.lnk] backup=c:\windows\pss\TRDCReminder.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software] 2008-09-26 13:22 417792 ----a-w- c:\program files\Camera Assistant Software for Toshiba\traybar.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\E09FXLRD_6746356] 2008-05-28 11:35 351000 ----a-w- c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box] 2009-10-09 08:22 122880 ----a-w- c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] 2010-04-12 08:40 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2008-08-28 13:23 6037504 ----a-w- c:\windows\RtHDVCpl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-11-20 17:15 1826816 ----a-w- c:\windows\SkyTel.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "E09FXLRD_7108357"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "Connexion SFR 9props.exe"="c:\program files\Neuf\Kit\9props.exe" /trayicon "BrowserChoice"="c:\windows\System32\browserchoice.exe" /run "Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized "E09FXLRD_5707156"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_54684294"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_17597427"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_16002005"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_11305501"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_3768734"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_24566709"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_1727867"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_17239249"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_12907195"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_1160007"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" /start "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" -autorun "topi"=c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup "Desktop SMS"=c:\program files\IDM\Desktop SMS\DesktopSMS.exe /auto "HSON"=%ProgramFiles%\TOSHIBA\TBS\HSON.exe "HotKeysCmds"=c:\windows\system32\hkcmd.exe "IgfxTray"=c:\windows\system32\igfxtray.exe "Persistence"=c:\windows\system32\igfxpers.exe "SmoothView"=%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe "00TCrdMain"=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe "TPwrMain"=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 135664] R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832] R3 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2010-07-06 188416] R3 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960] R3 HexTunnelDevice;Hexago Multi-Virtual Tunnel Adapter;c:\windows\system32\DRIVERS\hextun.sys [2009-02-24 22176] R3 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2008-01-21 21504] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [x] R3 Service CANALPLAY;Service CANALPLAY;c:\program files\Lecteur CANALPLAY\CanalPlayService.exe [2008-06-20 436096] R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2009-04-23 16640] S1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896] S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-08-17 135336] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464] S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976] S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952] S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368] S3 RTL8187B;Adaptateur réseau USB 2.0 54Mbps, 802.11b/g sans fil Realtek RTL8187B;c:\windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 290304] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc HsfXAudioService REG_MULTI_SZ HsfXAudioService HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contenu du dossier 'Tâches planifiées' 2010-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 17:31] 2010-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 17:31] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://google.fr/ uSearchMigratedDefaultURL = hxxp://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A009900%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A11%3BDIV%3A%23FFFFF0%3B&ie=ISO-8859-1&q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mWindow Title = Trusted Zone: sfr.fr\vod-pc FF - ProfilePath - c:\users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\t8u3kjpa.default\ FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-chromesbox-en-us&query= FF - prefs.js: browser.search.selectedEngine - Winamp Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q= FF - plugin: c:\program files\Canal\Canal Widget\VOD\npCpVod.dll FF - plugin: c:\program files\Common Files\Glowria\npFireVMGate.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPCARDS.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: browser.sessionstore.resume_from_crash - false FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q= . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-11-18 19:43 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-105076205-141631563-4271315066-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D5D51130-7B5C-66E8-DC27-5A3DBE59AA64}*] "iapkkjgcinohngdbpa"=hex:6b,61,64,70,66,6a,6f,66,68,6a,70,6e,70,6a,66,6a,70,64, 67,65,65,64,00,00 "jajkmipfnfgfgnklngin"=hex:6b,61,64,70,66,6a,6f,66,68,6a,70,6e,70,6a,66,6a,70, 64,67,65,65,64,00,00 [HKEY_USERS\S-1-5-21-105076205-141631563-4271315066-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:07,55,b2,d6,fa,ef,73,93,af,d7,6c,d6,60,4d,4a,ad,5c,dc,a2,6e,32,ae,5e, 86,0c,cc,53,56,a6,28,04,0a,10,34,31,f3,d1,a2,9a,82,89,c5,5e,06,46,45,5b,47,\ "??"=hex:64,a0,df,fc,0c,d3,06,83,b8,46,86,b9,3b,92,66,12 [HKEY_USERS\S-1-5-21-105076205-141631563-4271315066-1000\Software\SecuROM\License information*] "datasecu"=hex:c4,f3,ab,f0,7f,24,8c,17,98,d2,18,82,88,50,69,e4,85,81,99,4f,7f, 08,5c,78,fa,6d,3d,65,2b,7a,bc,8d,fb,4a,40,fc,20,70,c1,26,b8,83,bb,f3,30,ce,\ "rkeysecu"=hex:df,9e,6f,40,b2,9a,56,38,03,40,dd,79,fb,61,a0,fe [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Autres processus actifs ------------------------ . c:\program files\Microsoft Security Essentials\MsMpEng.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe c:\windows\system32\TODDSrv.exe c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\wbem\unsecapp.exe . ************************************************************************** . Heure de fin: 2010-11-18 20:04:47 - La machine a redémarré ComboFix-quarantined-files.txt 2010-11-18 19:04 Avant-CF: 12 740 784 128 octets libres Après-CF: 11 798 687 744 octets libres - - End Of File - - 9C78E09ED3484C2973B7F8628CC08446 ComboFix 10-11-17.02 - Jérémy 18/11/2010 19:20:47.4.1 - x86 Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6002.2.1252.33.1036.18.2037.1003 [GMT 1:00] Lancé depuis: c:\users\Jérémy\Desktop\ComboFix.exe Commutateurs utilisés :: c:\users\Jérémy\Desktop\CFScript.txt SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_dqxuasr -------\Service_WinTaskAdmin ((((((((((((((((((((((((((((( Fichiers créés du 2010-10-18 au 2010-11-18 )))))))))))))))))))))))))))))))))))) . 2010-11-18 18:37 . 2010-11-18 18:43 -------- d-----w- c:\users\Jérémy\AppData\Local\temp 2010-11-18 18:37 . 2010-11-18 18:37 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-11-18 18:37 . 2010-11-18 18:37 -------- d-----w- c:\users\Invité\AppData\Local\temp 2010-11-18 18:37 . 2010-11-18 18:37 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-11-18 18:37 . 2010-11-18 18:37 -------- d-----w- c:\users\Administrateur\AppData\Local\temp 2010-11-18 14:42 . 2010-11-18 14:50 -------- d-----w- C:\Lop SD 2010-11-17 14:35 . 2010-11-17 14:35 -------- d-----w- c:\program files\ESET 2010-11-17 14:06 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A690586-FA34-4CB1-92BE-0A35DC716480}\mpengine.dll 2010-11-17 14:04 . 2010-11-18 08:29 -------- d-----w- c:\windows\Logs 2010-11-17 12:54 . 2010-11-17 12:54 -------- d-----w- c:\users\Jérémy\Recent 2010-11-16 14:30 . 2010-11-16 14:30 -------- d-----w- c:\program files\jv16 PowerTools 2010-11-16 13:14 . 2010-11-16 13:14 -------- d-----w- c:\users\Jérémy\AppData\Roaming\FileOpen 2010-11-16 11:54 . 2010-11-16 11:54 -------- d-----w- c:\users\Jérémy\AppData\Roaming\Macromedia 2010-11-14 16:24 . 2010-11-14 16:24 -------- d-----w- c:\users\Jérémy\AppData\Roaming\Avira 2010-11-14 16:21 . 2010-08-17 12:39 126856 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-11-14 16:21 . 2010-08-17 12:39 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-11-14 16:21 . 2010-11-14 16:21 -------- d-----w- c:\programdata\Avira 2010-11-14 16:21 . 2010-11-14 16:21 -------- d-----w- c:\program files\Avira 2010-11-14 12:18 . 2010-11-15 18:03 -------- d-----w- c:\program files\trend micro 2010-11-11 12:50 . 2010-11-12 18:49 -------- d-----w- c:\program files\AutomateBuilder 2010-11-10 21:43 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2010-11-07 19:44 . 2010-11-07 19:44 -------- d-----w- c:\program files\PowerISO 2010-11-05 08:03 . 2010-11-05 08:03 -------- d-----w- c:\users\Jérémy\AppData\Roaming\Management-Ware Solutions Inc 2010-11-05 08:03 . 2010-11-05 08:03 -------- dc-h--w- c:\programdata\{0B060988-B414-420C-BAAC-D4320DF97431} 2010-10-26 23:22 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll 2010-10-26 23:21 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-10-26 23:21 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-10-26 09:51 . 2010-10-26 09:51 -------- d-----w- c:\program files\TrendMicro 2010-10-22 16:00 . 2010-10-22 16:00 -------- d-----w- c:\windows\fr 2010-10-22 16:00 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2010-10-22 15:55 . 2009-09-04 15:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2010-10-22 15:55 . 2009-09-04 15:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2010-10-22 15:55 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2010-10-21 12:01 . 2010-10-21 12:01 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\9ee0c0381cb71172b\InstallManager_WLE_WLE.exe 2010-10-21 11:58 . 2010-10-21 11:58 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\49b9e4681cb71171f\MeshBetaRemover.exe 2010-10-21 11:56 . 2010-10-21 11:56 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\d87e3781cb711718\DXSETUP.exe 2010-10-21 11:56 . 2010-10-21 11:56 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\d87e3781cb711718\dsetup32.dll 2010-10-21 11:56 . 2010-10-21 11:56 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\d87e3781cb711718\DSETUP.dll 2010-10-21 11:56 . 2010-10-21 11:56 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\6d409a81cb711717\DSETUP.dll 2010-10-21 11:56 . 2010-10-21 11:56 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\6d409a81cb711717\DXSETUP.exe 2010-10-21 11:56 . 2010-10-21 11:56 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\6d409a81cb711717\dsetup32.dll 2010-10-21 11:53 . 2010-11-16 00:23 -------- d-----w- c:\users\Jérémy\AppData\Local\Windows Live 2010-10-21 11:52 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-16 17:45 . 2008-02-15 13:50 319456 ----a-w- c:\windows\DIFxAPI.dll 2010-10-19 20:51 . 2009-10-03 03:48 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-07 15:21 . 2009-11-04 12:48 6146896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2010-09-24 07:49 . 2010-09-24 07:49 8704 ----a-w- c:\windows\system32\bootexctrl.exe 2010-09-24 07:49 . 2010-09-24 07:49 11776 ----a-w- c:\windows\system32\wgx.dll 2010-09-24 07:49 . 2010-09-24 07:49 24576 ----a-w- c:\windows\system32\udefrag.exe 2010-09-24 07:49 . 2010-09-24 07:49 14848 ----a-w- c:\windows\system32\lua5.1a_gui.exe 2010-09-24 07:49 . 2010-09-24 07:49 10752 ----a-w- c:\windows\system32\lua5.1a.exe 2010-09-24 07:48 . 2010-09-24 07:48 92160 ----a-w- c:\windows\system32\lua5.1a.dll 2010-09-24 07:48 . 2010-09-24 07:48 8192 ----a-w- c:\windows\system32\udefrag.dll 2010-09-24 07:48 . 2010-09-24 07:48 6144 ----a-w- c:\windows\system32\hibernate4win.exe 2010-09-24 07:48 . 2010-09-24 07:48 48640 ----a-w- c:\windows\system32\udefrag-kernel.dll 2010-09-24 07:48 . 2010-09-24 07:48 47104 ----a-w- c:\windows\system32\zenwinx.dll 2010-09-24 07:48 . 2010-09-24 07:48 88064 ----a-w- c:\windows\system32\defrag_native.exe 2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll 2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR 2010-09-15 02:50 . 2010-05-10 08:26 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-09-13 13:56 . 2010-10-14 10:12 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2010-09-10 07:33 . 2010-10-13 16:10 13256 ----a-w- c:\users\Jérémy\cc_20100910_073352.reg 2010-09-10 07:33 . 2010-10-13 16:10 13256 ----a-w- c:\users\Jérémy\cc_20100910_073352.reg 2010-09-06 16:20 . 2010-10-14 10:12 125952 ----a-w- c:\windows\system32\srvsvc.dll 2010-09-06 16:19 . 2010-10-14 10:12 17920 ----a-w- c:\windows\system32\netevent.dll 2010-09-06 13:45 . 2010-10-14 10:12 304128 ----a-w- c:\windows\system32\drivers\srv.sys 2010-09-06 13:45 . 2010-10-14 10:12 145408 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-09-06 13:45 . 2010-10-14 10:12 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2010-08-31 22:46 . 2010-10-11 20:34 1355264 ----a-w- c:\windows\system32\jscript9.dll 2010-08-31 22:44 . 2010-10-11 20:34 367104 ----a-w- c:\windows\system32\html.iec 2010-08-31 22:44 . 2010-10-11 20:34 1448448 ----a-w- c:\windows\system32\inetcpl.cpl 2010-08-31 22:44 . 2010-10-11 20:34 1122304 ----a-w- c:\windows\system32\wininet.dll 2010-08-31 22:44 . 2010-10-11 20:34 424960 ----a-w- c:\windows\system32\vbscript.dll 2010-08-31 22:43 . 2010-10-11 20:34 23552 ----a-w- c:\windows\system32\licmgr10.dll 2010-08-31 22:43 . 2010-10-11 20:34 72704 ----a-w- c:\windows\system32\SetDepNx.exe 2010-08-31 22:43 . 2010-10-11 20:34 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2010-08-31 22:43 . 2010-10-11 20:34 114176 ----a-w- c:\windows\system32\iesysprep.dll 2010-08-31 22:43 . 2010-10-11 20:34 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2010-08-31 22:43 . 2010-10-11 20:34 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2010-08-31 22:42 . 2010-10-11 20:34 51200 ----a-w- c:\windows\system32\admparse.dll 2010-08-31 22:42 . 2010-10-11 20:34 75264 ----a-w- c:\windows\system32\iesetup.dll 2010-08-31 22:42 . 2010-10-11 20:34 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2010-08-31 22:42 . 2010-10-11 20:34 150016 ----a-w- c:\windows\system32\iexpress.exe 2010-08-31 22:42 . 2010-10-11 20:34 149504 ----a-w- c:\windows\system32\wextract.exe 2010-08-31 22:42 . 2010-10-11 20:34 33280 ----a-w- c:\windows\system32\imgutil.dll 2010-08-31 22:42 . 2010-10-11 20:34 48640 ----a-w- c:\windows\system32\mshtmler.dll 2010-08-31 22:42 . 2010-10-11 20:34 11264 ----a-w- c:\windows\system32\mshta.exe 2010-08-31 22:42 . 2010-10-11 20:34 2381824 ----a-w- c:\windows\system32\mshtml.tlb 2010-08-31 22:42 . 2010-10-11 20:34 63488 ----a-w- c:\windows\system32\tdc.ocx 2010-08-31 22:41 . 2010-10-11 20:34 160768 ----a-w- c:\windows\system32\msls31.dll 2010-08-31 15:46 . 2010-10-14 10:10 954752 ----a-w- c:\windows\system32\mfc40.dll 2010-08-31 15:46 . 2010-10-14 10:10 954288 ----a-w- c:\windows\system32\mfc40u.dll 2010-08-31 15:44 . 2010-10-14 10:13 531968 ----a-w- c:\windows\system32\comctl32.dll 2010-08-31 13:27 . 2010-10-14 10:09 2038272 ----a-w- c:\windows\system32\win32k.sys 2010-08-26 16:37 . 2010-10-14 10:10 157184 ----a-w- c:\windows\system32\t2embed.dll 2010-08-26 16:33 . 2010-10-26 23:21 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll 2010-08-26 16:33 . 2010-10-26 23:21 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2010-08-26 16:33 . 2010-10-26 23:21 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll 2010-08-26 16:33 . 2010-10-26 23:21 542720 ----a-w- c:\windows\apppatch\AcLayers.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Connexion SFR 9props.exe"="c:\program files\Neuf\Kit\9props.exe" [2008-01-15 1103088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904] "MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768] c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2007-7-27 389120] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoWinKeys"= 1 (0x1) "NoSMMyDocs"= 1 (0x1) "NoFavoritesMenu"= 1 (0x1) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoUpdate Monitor.lnk] backup=c:\windows\pss\AutoUpdate Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^Jérémy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^syspck32.exe] backupExtension=.Startup [HKLM\~\startupfolder\C:^Users^Jérémy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TRDCReminder.lnk] backup=c:\windows\pss\TRDCReminder.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software] 2008-09-26 13:22 417792 ----a-w- c:\program files\Camera Assistant Software for Toshiba\traybar.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\E09FXLRD_6746356] 2008-05-28 11:35 351000 ----a-w- c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box] 2009-10-09 08:22 122880 ----a-w- c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] 2010-04-12 08:40 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2008-08-28 13:23 6037504 ----a-w- c:\windows\RtHDVCpl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-11-20 17:15 1826816 ----a-w- c:\windows\SkyTel.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "E09FXLRD_7108357"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "Connexion SFR 9props.exe"="c:\program files\Neuf\Kit\9props.exe" /trayicon "BrowserChoice"="c:\windows\System32\browserchoice.exe" /run "Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized "E09FXLRD_5707156"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_54684294"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_17597427"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_16002005"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_11305501"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_3768734"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_24566709"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_1727867"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_17239249"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_12907195"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m "E09FXLRD_1160007"="c:\program files\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" -m [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" /start "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" -autorun "topi"=c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup "Desktop SMS"=c:\program files\IDM\Desktop SMS\DesktopSMS.exe /auto "HSON"=%ProgramFiles%\TOSHIBA\TBS\HSON.exe "HotKeysCmds"=c:\windows\system32\hkcmd.exe "IgfxTray"=c:\windows\system32\igfxtray.exe "Persistence"=c:\windows\system32\igfxpers.exe "SmoothView"=%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe "00TCrdMain"=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe "TPwrMain"=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 135664] R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832] R3 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2010-07-06 188416] R3 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960] R3 HexTunnelDevice;Hexago Multi-Virtual Tunnel Adapter;c:\windows\system32\DRIVERS\hextun.sys [2009-02-24 22176] R3 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2008-01-21 21504] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [x] R3 Service CANALPLAY;Service CANALPLAY;c:\program files\Lecteur CANALPLAY\CanalPlayService.exe [2008-06-20 436096] R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2009-04-23 16640] S1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896] S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-08-17 135336] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464] S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976] S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952] S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368] S3 RTL8187B;Adaptateur réseau USB 2.0 54Mbps, 802.11b/g sans fil Realtek RTL8187B;c:\windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 290304] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc HsfXAudioService REG_MULTI_SZ HsfXAudioService HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contenu du dossier 'Tâches planifiées' 2010-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 17:31] 2010-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 17:31] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://google.fr/ uSearchMigratedDefaultURL = hxxp://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A009900%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A11%3BDIV%3A%23FFFFF0%3B&ie=ISO-8859-1&q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mWindow Title = Trusted Zone: sfr.fr\vod-pc FF - ProfilePath - c:\users\Jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\t8u3kjpa.default\ FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-chromesbox-en-us&query= FF - prefs.js: browser.search.selectedEngine - Winamp Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q= FF - plugin: c:\program files\Canal\Canal Widget\VOD\npCpVod.dll FF - plugin: c:\program files\Common Files\Glowria\npFireVMGate.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPCARDS.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: browser.sessionstore.resume_from_crash - false FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q= . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-11-18 19:43 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-105076205-141631563-4271315066-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D5D51130-7B5C-66E8-DC27-5A3DBE59AA64}*] "iapkkjgcinohngdbpa"=hex:6b,61,64,70,66,6a,6f,66,68,6a,70,6e,70,6a,66,6a,70,64, 67,65,65,64,00,00 "jajkmipfnfgfgnklngin"=hex:6b,61,64,70,66,6a,6f,66,68,6a,70,6e,70,6a,66,6a,70, 64,67,65,65,64,00,00 [HKEY_USERS\S-1-5-21-105076205-141631563-4271315066-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:07,55,b2,d6,fa,ef,73,93,af,d7,6c,d6,60,4d,4a,ad,5c,dc,a2,6e,32,ae,5e, 86,0c,cc,53,56,a6,28,04,0a,10,34,31,f3,d1,a2,9a,82,89,c5,5e,06,46,45,5b,47,\ "??"=hex:64,a0,df,fc,0c,d3,06,83,b8,46,86,b9,3b,92,66,12 [HKEY_USERS\S-1-5-21-105076205-141631563-4271315066-1000\Software\SecuROM\License information*] "datasecu"=hex:c4,f3,ab,f0,7f,24,8c,17,98,d2,18,82,88,50,69,e4,85,81,99,4f,7f, 08,5c,78,fa,6d,3d,65,2b,7a,bc,8d,fb,4a,40,fc,20,70,c1,26,b8,83,bb,f3,30,ce,\ "rkeysecu"=hex:df,9e,6f,40,b2,9a,56,38,03,40,dd,79,fb,61,a0,fe [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Autres processus actifs ------------------------ . c:\program files\Microsoft Security Essentials\MsMpEng.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe c:\windows\system32\TODDSrv.exe c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\wbem\unsecapp.exe . ************************************************************************** . Heure de fin: 2010-11-18 20:04:47 - La machine a redémarré ComboFix-quarantined-files.txt 2010-11-18 19:04 Avant-CF: 12 740 784 128 octets libres Après-CF: 11 798 687 744 octets libres - - End Of File - - 9C78E09ED3484C2973B7F8628CC08446

Re bjr OTL logfile created on: 18/11/2010 20:30:27 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Jérémy\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.7930.16406) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 55,74 Gb Total Space | 10,95 Gb Free Space | 19,65% Space Free | Partition Type: NTFS Drive E: | 54,58 Gb Total Space | 9,82 Gb Free Space | 17,98% Space Free | Partition Type: NTFS Computer Name: PC-DE-JÉRÉMY | User Name: Jérémy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010/11/18 20:28:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jérémy\Desktop\OTL.exe PRC - [2010/09/22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010/05/07 17:06:42 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2010/05/07 17:05:00 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2010/04/29 14:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2010/04/03 11:36:03 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/01/21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe PRC - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe PRC - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe ========== Modules (SafeList) ========== MOD - [2010/11/18 20:28:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jérémy\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (wampmysqld) SRV - File not found [Disabled | Stopped] -- -- (wampapache) SRV - [2010/09/22 23:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010/09/22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2010/09/04 18:11:39 | 000,435,016 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010/08/18 00:49:16 | 000,797,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/07/06 11:10:26 | 000,188,416 | ---- | M] (Canal+ Active) [On_Demand | Stopped] -- C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe -- (CanalPlus.VOD) SRV - [2010/05/07 17:05:00 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010/05/07 17:01:44 | 000,030,024 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2010/04/29 14:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2008/11/04 03:37:58 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [On_Demand | Stopped] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService) SRV - [2008/06/20 17:28:34 | 000,436,096 | ---- | M] (Canal+ Distribution) [On_Demand | Stopped] -- C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe -- (Service CANALPLAY) SRV - [2008/01/21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008/01/21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/21 03:32:50 | 000,365,568 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008/01/21 03:32:50 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2007/12/25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2007/12/03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ManyCam.sys -- (ManyCam) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme) DRV - [2010/09/22 23:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/04/29 14:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2010/04/12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2010/03/25 20:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2010/02/24 13:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2009/04/23 15:51:18 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1) DRV - [2009/04/11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2009/02/24 05:30:50 | 000,022,176 | ---- | M] (Hexago, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hextun.sys -- (HexTunnelDevice) DRV - [2008/11/04 03:32:20 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio) DRV - [2008/10/15 08:32:08 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2008/10/15 08:30:04 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2008/10/15 08:29:16 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2008/08/28 14:23:44 | 002,095,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/08/14 10:40:40 | 000,203,312 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2008/07/15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2008/02/20 22:01:08 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR) DRV - [2008/01/21 15:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32) DRV - [2008/01/21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008/01/21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008/01/21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008/01/21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008/01/21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008/01/21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008/01/21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008/01/21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008/01/21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008/01/21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008/01/21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008/01/21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008/01/21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008/01/21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008/01/21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008/01/21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008/01/21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008/01/21 03:32:48 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2008/01/21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008/01/21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008/01/21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008/01/21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008/01/21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008/01/21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/01/21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/01/21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/12/28 19:21:54 | 000,104,448 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007/12/26 10:20:32 | 000,290,304 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B) DRV - [2007/12/11 08:52:12 | 000,026,784 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd) DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV - [2007/09/29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2007/09/13 14:23:50 | 001,925,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2007/06/06 15:21:32 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel® DRV - [2007/04/23 10:50:50 | 000,025,896 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt) DRV - [2006/11/20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2006/10/18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [2002/07/17 14:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKLM\..\URLSearchHook: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = Recherche Web IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Winamp Search" FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-chromesbox-en-us&query=" FF - prefs.js..browser.search.selectedEngine: "Winamp Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.fr/" FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5 FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:4.1.12s FF - prefs.js..extensions.enabledItems: {0AC54906-5413-4C81-B446-07929BC39C25}:0.7.1 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="'>http://redirecterror.sfr.fr/?q=" FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q=" FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/11/19 10:17:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/26 12:05:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/16 13:09:42 | 000,000,000 | ---D | M] [2010/04/13 05:44:33 | 000,000,000 | ---D | M] -- C:\Users\Jérémy\AppData\Roaming\mozilla\Extensions [2010/04/13 05:44:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2009/11/05 18:21:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a} [2010/11/18 10:57:20 | 000,000,000 | ---D | M] -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions [2010/11/12 19:49:53 | 000,000,000 | ---D | M] (ArchView) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{0AC54906-5413-4C81-B446-07929BC39C25} [2010/11/12 19:49:53 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE} [2010/07/13 10:19:50 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(61) [2009/11/07 08:43:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} [2009/11/07 08:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [2009/11/07 08:41:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [2010/11/12 19:49:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/07/13 10:19:45 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(62) [2009/11/02 22:12:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010/11/12 19:49:54 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010/11/12 14:35:32 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}(2106) [2010/11/12 19:49:53 | 000,000,000 | ---D | M] -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\SkipScreen@SkipScreen [2010/11/12 14:35:32 | 000,000,000 | ---D | M] -- C:\Users\Jérémy\AppData\Roaming\mozilla\Firefox\Profiles\t8u3kjpa.default\extensions\staged-xpis [2009/11/05 18:21:50 | 000,000,000 | ---D | M] -- C:\Users\Jérémy\AppData\Roaming\mozilla\SeaMonkey\Profiles\wz5y25bu.default\extensions [2010/11/04 15:58:39 | 000,001,184 | ---- | M] () -- C:\Users\Jérémy\AppData\Roaming\Mozilla\FireFox\Profiles\t8u3kjpa.default\searchplugins\winamp-search.xml [2010/11/16 10:21:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/07/22 05:05:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/25 18:02:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2009/08/31 13:11:18 | 000,873,976 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPCARDS.dll [2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009/11/02 21:19:03 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll [2010/01/16 02:10:07 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/01/16 02:10:07 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/16 02:10:07 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/01/16 02:10:07 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/03/28 19:11:59 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2010/11/18 19:41:25 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Reg Error: Value error. File not found O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\Neuf\Kit\9props.exe (Neuf) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O15 - HKCU\..Trusted Domains: sfr.fr ([vod-pc] http in Intranet local) O15 - HKCU\..Trusted Domains: sfr.fr ([vod-pc] https in Sites de confiance) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Jérémy\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Jérémy\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2010/11/18 20:27:53 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Jérémy\Desktop\OTL.exe [2010/11/18 20:05:04 | 000,000,000 | ---D | C] -- C:\Users\Jérémy\AppData\Local\temp [2010/11/18 19:41:46 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2010/11/18 19:16:32 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2010/11/18 15:42:15 | 000,000,000 | ---D | C] -- C:\Lop SD [2010/11/18 10:21:02 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/11/17 15:35:20 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2010/11/17 15:04:12 | 000,000,000 | ---D | C] -- C:\Windows\Logs [2010/11/17 13:54:51 | 000,000,000 | ---D | C] -- C:\Users\Jérémy\Recent [2010/11/16 18:45:21 | 002,095,512 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys [2010/11/16 18:45:21 | 001,196,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe [2010/11/16 18:45:21 | 000,694,272 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2010/11/16 18:45:21 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2010/11/16 18:45:21 | 000,031,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2010/11/16 18:45:20 | 002,168,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2010/11/16 18:45:20 | 000,285,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2010/11/16 18:45:18 | 006,037,504 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe [2010/11/16 18:45:17 | 000,140,288 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll [2010/11/16 18:43:46 | 000,000,000 | ---D | C] -- C:\Users\Jérémy\Documents\Son [2010/11/16 15:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\jv16 PowerTools [2010/11/16 14:14:04 | 000,000,000 | ---D | C] -- C:\Users\Jérémy\AppData\Roaming\FileOpen [2010/11/16 12:54:59 | 000,000,000 | ---D | C] -- C:\Users\Jérémy\AppData\Roaming\Macromedia [2010/11/16 09:09:32 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2010/11/16 09:09:32 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2010/11/16 09:09:32 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2010/11/14 17:24:32 | 000,000,000 | ---D | C] -- C:\Users\Jérémy\AppData\Roaming\Avira [2010/11/14 17:21:29 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2010/11/14 17:21:23 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010/11/14 17:21:22 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010/11/14 17:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010/11/14 17:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/11/14 13:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010/11/11 13:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\AutomateBuilder [2010/11/08 19:25:49 | 000,000,000 | R--D | C] -- C:\Users\Jérémy\Desktop\Contacts [2010/11/07 20:44:45 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO [2010/11/06 12:40:19 | 000,000,000 | ---D | C] -- C:\Users\Jérémy\Documents\Test [2010/11/05 09:03:29 | 000,000,000 | ---D | C] -- C:\Users\Jérémy\AppData\Roaming\Management-Ware Solutions Inc [2010/11/05 09:03:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\{0B060988-B414-420C-BAAC-D4320DF97431} [2010/10/27 00:22:01 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2010/10/27 00:21:58 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010/10/27 00:21:57 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010/10/26 10:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro [2010/10/25 18:02:42 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010/10/25 18:02:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010/10/25 18:02:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010/10/22 17:00:42 | 000,000,000 | ---D | C] -- C:\Windows\fr [2010/10/22 17:00:17 | 000,039,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010/10/22 16:55:39 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2010/10/22 16:55:39 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2010/10/22 16:55:39 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2010/10/21 12:53:11 | 000,000,000 | ---D | C] -- C:\Users\Jérémy\AppData\Local\Windows Live [2010/10/21 12:52:04 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/11/18 20:28:06 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Jérémy\Desktop\OTL.exe [2010/11/18 20:24:49 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/11/18 20:01:12 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/11/18 19:41:38 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/11/18 19:41:37 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/11/18 19:41:25 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010/11/18 19:40:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/11/18 15:41:30 | 000,501,736 | ---- | M] () -- C:\Users\Jérémy\Desktop\LopSD.exe [2010/11/18 10:22:04 | 003,911,040 | R--- | M] () -- C:\Users\Jérémy\Desktop\ComboFix.exe [2010/11/18 09:42:22 | 000,050,477 | ---- | M] () -- C:\Users\Jérémy\Desktop\Defogger.exe [2010/11/17 19:02:22 | 000,869,051 | ---- | M] () -- C:\Users\Jérémy\Desktop\SecurityCheck.exe [2010/11/17 04:29:42 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/11/17 04:29:42 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/11/17 04:29:42 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/11/17 04:29:42 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/11/16 18:45:27 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2010/11/16 15:30:11 | 000,000,787 | ---- | M] () -- C:\Users\Jérémy\Desktop\jv16 PowerTools.lnk [2010/11/16 15:27:38 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2010/11/16 15:09:48 | 000,000,769 | ---- | M] () -- C:\Users\Jérémy\Desktop\CCleaner - Raccourci.lnk [2010/11/15 23:01:09 | 000,365,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/11/14 17:22:00 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/11/14 12:16:02 | 000,000,908 | ---- | M] () -- C:\Users\Jérémy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010/11/13 12:41:30 | 000,017,798 | ---- | M] () -- C:\Users\Jérémy\Documents\cc_20101113_124119.reg [2010/11/12 13:09:27 | 000,000,154 | -H-- | M] () -- C:\Users\Jérémy\kommute.conf [2010/11/11 17:23:28 | 000,000,103 | -H-- | M] () -- C:\Users\Jérémy\installs.jsd [2010/11/11 17:23:11 | 000,000,080 | -H-- | M] () -- C:\Users\Jérémy\.userCfgIni9Aut [2010/11/11 10:30:04 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2010/11/08 01:20:24 | 000,089,088 | ---- | M] () -- C:\Windows\MBR.exe [2010/11/07 20:44:49 | 000,000,769 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk [2010/11/06 03:02:10 | 000,001,938 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010/10/19 21:51:33 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/11/18 15:41:24 | 000,501,736 | ---- | C] () -- C:\Users\Jérémy\Desktop\LopSD.exe [2010/11/18 09:42:22 | 000,050,477 | ---- | C] () -- C:\Users\Jérémy\Desktop\Defogger.exe [2010/11/18 09:41:26 | 003,911,040 | R--- | C] () -- C:\Users\Jérémy\Desktop\ComboFix.exe [2010/11/17 19:02:14 | 000,869,051 | ---- | C] () -- C:\Users\Jérémy\Desktop\SecurityCheck.exe [2010/11/16 18:45:25 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC1.dat [2010/11/16 18:45:25 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC0.dat [2010/11/16 18:45:25 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat [2010/11/16 18:45:25 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat [2010/11/16 18:45:25 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat [2010/11/16 18:45:25 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat [2010/11/16 15:30:11 | 000,000,787 | ---- | C] () -- C:\Users\Jérémy\Desktop\jv16 PowerTools.lnk [2010/11/16 15:09:48 | 000,000,769 | ---- | C] () -- C:\Users\Jérémy\Desktop\CCleaner - Raccourci.lnk [2010/11/16 09:09:33 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2010/11/16 09:09:32 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2010/11/16 09:09:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2010/11/16 09:09:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2010/11/16 09:09:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010/11/14 17:22:00 | 000,001,812 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/11/13 12:41:23 | 000,017,798 | ---- | C] () -- C:\Users\Jérémy\Documents\cc_20101113_124119.reg [2010/11/11 17:23:28 | 000,000,103 | -H-- | C] () -- C:\Users\Jérémy\installs.jsd [2010/11/11 17:23:11 | 000,000,080 | -H-- | C] () -- C:\Users\Jérémy\.userCfgIni9Aut [2010/11/10 19:01:36 | 000,000,154 | -H-- | C] () -- C:\Users\Jérémy\kommute.conf [2010/11/07 20:44:49 | 000,000,769 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk [2010/09/24 08:48:58 | 000,092,160 | ---- | C] () -- C:\Windows\System32\lua5.1a.dll [2010/09/10 12:50:42 | 000,000,342 | -HS- | C] () -- C:\ProgramData\538630444 [2010/02/01 12:47:08 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009/12/05 11:51:57 | 000,000,206 | ---- | C] () -- C:\Windows\System32\ffbdbfa_z.dll [2009/10/15 17:09:41 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/10/06 15:34:20 | 000,000,990 | -H-- | C] () -- C:\Users\Jérémy\AppData\Local\7F68A003.il [2009/10/06 15:34:20 | 000,000,280 | -H-- | C] () -- C:\Users\Jérémy\AppData\Local\IndexIE_7F68A003.il [2009/09/16 17:58:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/09/15 13:36:26 | 000,021,770 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2009/08/09 15:41:42 | 000,051,712 | ---- | C] () -- C:\Windows\System32\coodest.dll [2009/04/07 21:27:43 | 000,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll [2009/04/07 21:27:43 | 000,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll [2009/02/20 10:47:11 | 000,000,370 | ---- | C] () -- C:\Windows\wTRTv5.ini [2008/11/21 23:21:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008/11/21 15:21:32 | 000,131,072 | ---- | C] () -- C:\Windows\System32\EnumDevLib.dll [2008/03/10 22:46:21 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2008/02/22 13:32:24 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2008/02/15 15:14:14 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2008/02/15 15:14:14 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2008/02/15 15:14:14 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2008/02/15 15:14:14 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2008/02/15 15:14:14 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2008/02/15 15:14:14 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2008/02/15 14:27:10 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008/02/15 14:26:20 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll [2008/02/15 14:26:17 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll [2008/02/15 14:26:17 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll [2008/02/15 14:26:17 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll [2008/02/15 14:26:16 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2007/08/12 15:49:54 | 002,080,256 | ---- | C] () -- C:\Windows\System32\QtCore4.dll [2007/08/07 15:01:32 | 000,842,752 | ---- | C] () -- C:\Windows\System32\QtNetwork4.dll [2007/08/07 15:00:22 | 009,100,288 | ---- | C] () -- C:\Windows\System32\QtGui4.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005/01/20 09:03:22 | 000,007,494 | ---- | C] () -- C:\Windows\System32\mingwm10.dll [2004/11/28 21:09:56 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2010/11/18 20:04:55 | 000,025,126 | ---- | M] () -- C:\ComboFix.txt [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2009/04/22 21:00:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/11/18 15:50:22 | 000,013,512 | ---- | M] () -- C:\lopR.txt [2009/04/22 21:00:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010/11/18 19:40:23 | 2450,763,776 | -HS- | M] () -- C:\pagefile.sys < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll [2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2008/01/21 04:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008/01/21 04:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008/01/21 04:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\drivers\*.sys /90 > [2010/09/22 23:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010/09/06 14:45:38 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys [2010/09/06 14:45:22 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys [2010/09/06 14:45:19 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys < End of report >