

aie
Membres-
Compteur de contenus
17 -
Inscription
-
Dernière visite
aie's Achievements

Junior Member (3/12)
0
Réputation sur la communauté
-
Virus détecté, aide sur le rapport
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
Bonjour, et merci de vous être penché sur mon problème. Voici le rapport zhpfix: Rapport de ZHPFix 1.12.3366 par Nicolas Coolman, Update du 26/10/2011 Fichier d'export Registre : Run by Gro ian at 01/11/2011 11:03:27 Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) Web site : ZHPFix Fix de rapport ========== Logiciel(s) ========== ABSENT Software Key: DAEMON Tools Toolbar ABSENT Software Key: {26A24AE4-039D-4CA4-87B4-2F83216013FF} ABSENT Software Key: {3248F0A8-6813-11D6-A77B-00B0D0160040} ABSENT Software Key: {3248F0A8-6813-11D6-A77B-00B0D0160070} ABSENT Software Key: {3248F0A8-6813-11D6-A77B-00B0D0160010} ========== Clé(s) du Registre ========== ABSENT CLSID MPSK: {140b194a-559a-11df-ad84-00221507e036} ABSENT CLSID MPSK: {94e74665-0fc5-11de-ab70-00221507e036} SUPPRIME CLSID MPSK: {e7d9ec61-958e-11dd-bdbe-00221507e036} ABSENT Key: HKLM\Software\Classes\AppID\WMHelper.DLL ABSENT Key: HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4} ABSENT Key: HKLM\Software\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b} ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar ========== Valeur(s) du Registre ========== ABSENT Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} ABSENT RunValue: hpqSRMon ABSENT RunValue: Windows ABSENT [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} ABSENT [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17} ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : ========== Dossier(s) ========== ABSENT C:\Program Files\DAEMON Tools Toolbar SUPPRIME Flash Cookies: 1 SUPPRIME Temporaires Windows: : 2 ========== Fichier(s) ========== ABSENT Folder/File: c:\users\public\public documents\windows movie player\player.exe 096] ABSENT File: c:\program files\daemon tools toolbar\dttoolbar.dll ABSENT File: c:\users\public\public documents\windows movie player\player.exe ABSENT Folder/File: c:\program files\daemon tools toolbar SUPPRIME Flash Cookies: 0 SUPPRIME Temporaires Windows: : 3 ========== Tache planifiée ========== ABSENT Task: {19B45A6F-2A6C-47B1-B674-4D404388DBCA} ABSENT Task: {40FEDDC2-70EB-44A6-A327-EF09E2BBFDEF} ABSENT Task: {E5692892-047B-4551-9E86-6C189EBB8568} ========== Récapitulatif ========== 7 : Clé(s) du Registre 7 : Valeur(s) du Registre 3 : Dossier(s) 6 : Fichier(s) 5 : Logiciel(s) 3 : Tache planifiée End of clean in 00mn 02s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 01/11/2011 10:59:19 [5795] C:\ZHP\ZHPFix[R2].txt - 01/11/2011 11:03:27 [2629] et le rapport de mbam: Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Version de la base de données: 8059 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 01/11/2011 13:11:35 mbam-log-2011-11-01 (13-11-35).txt Type d'examen: Examen complet (C:\|D:\|F:\|) Elément(s) analysé(s): 409464 Temps écoulé: 1 heure(s), 31 minute(s), 55 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Merci pour votre aide -
Bonjour à tous, Après avoir lancé un scan au démarrage, avast a trouvé 3 menaces (WMA:Wimad[Drp], Java:Jade-C[Heur] et Ricsi-831) j'ai supprimé les objets infectés mais je voudrais être certain de m'être débarrassé de tout! J'ai lancé ZhpDiag tout à l'heure. Pourriez vous analyser le rapport suivant car je n'y connais rien et me donner la marche à suivre? merci d'avance! cordialement Rapport de ZHPDiag v1.28.2155 par Nicolas Coolman, Update du 28/10/2011 Run by Gro ian at 29/10/2011 13:31:09 Web site : ZHPDiag Outil de diagnostic State : Version à jour. ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox v3.6.23 (fr) (Defaut) GCIE: Google Chrome v15.0.874.106 ---\\ Windows Product Information Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK Windows Automatic Updates : OK ---\\ System Information ~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3070 MB (61% free) System Restore: Activé (Enable) System drive C: has 96 GB (33%) free of 287 GB ---\\ Logged in mode ~ Computer Name: GROTROLL ~ User Name: Gro ian ~ All Users Names: Gro ian, ASPNET, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Gro ian\AppData\Roaming\ ~ %Desktop% : C:\Users\Gro ian\Desktop\ ~ %Favorites% : C:\Users\Gro ian\Favorites\ ~ %LocalAppData% : C:\Users\Gro ian\AppData\Local\ ~ %StartMenu% : C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 96 Go of 287 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 11 Go) E:\ CD-ROM drive (Not Inserted) F:\ Hard drive, Flash drive, Thumb drive (Free 15 Go of 75 Go) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Not Inserted) I:\ Floppy drive, Flash card reader, USB Key (Not Inserted) J:\ CD-ROM drive (Not Inserted) K:\ Floppy drive, Flash card reader, USB Key (Not Inserted) M:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.21/10/2011 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.D3788D91530CFA005BD516189A4C676E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.23/10/2011 - 14:48:37.) -- C:\Windows\system32\wininet.dll [1126912] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/10/2011 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368] [MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.25/05/2008 - 21:22:10.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.09/10/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408] [MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:23:00.) -- C:\Windows\system32\drivers\atapi.sys [21560] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/10/2011 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.09/10/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/10/2011 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.09/10/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.21/10/2011 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/10/2011 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880] [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\drivers\rdpdr.sys [248832] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.21/10/2011 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.21/10/2011 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/23 ~ Mes musiques (My Musics) : 1/4 ~ Mes Videos (My Videos) : 1/4 ~ Mes Favoris (My Favorites) : 2/23 ~ Mes Documents (My Documents) : 1/176 ~ Mon Bureau (My Desktop) : 9/959 ~ Menu demarrer (Programs) : 7/29 ~ Scan Hidden Files in 00mn 00s ---\\ Processus lancés [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.2192] [MD5.D93985F5D87DF1A119E939EADB5C4B9E] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6266880] [PID.2216] [MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536] [PID.2236] [MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544] [PID.] [MD5.D2084C2112CBA266E08ED2A601E3C020] - (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [132624] [PID.2684] [MD5.731F68141C806BD2359FD878CD05C929] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808] [PID.2708] [MD5.BD18FB44B14911F41CA8695928C9D9A8] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200] [PID.2792] [MD5.E2B4488830B9F047930BB5FE0E4FD71B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3722416] [PID.2808] [MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.2840] [MD5.2AA60514B683F15CF484C4A9F21C3425] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [273528] [PID.2940] [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2960] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3012] [MD5.36D773CBEA37AB24966963A9B4891227] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe [490952] [PID.3048] [MD5.335FB5B236227217E54269FA85A1B27D] - (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe [679936] [PID.3096] [MD5.009811BD21D0BD7BA5C7765565505764] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088] [PID.3108] [MD5.480B8218CAC947DB5F32D126FAE2BACD] - (.Crawler.com - Spyware Terminator Update Support.) -- F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3318784] [PID.3228] [MD5.45D1648724123669962DBA211D2C64AA] - (.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe [5308416] [PID.3268] [MD5.D9335549EAE48B14FB66EFCB6FFAE736] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360] [PID.3296] [MD5.FE4F7AADAB104194D899E5B8B8B51CF0] - (.OpenOffice.org - OpenOffice.org 2.4.) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.exe [2363392] [PID.3352] [MD5.A1E80D64FCD01CD6AD83CCC46051366F] - (.OpenOffice.org - OpenOffice.org 2.4.) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN [2580480] [PID.3600] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4196] [MD5.B70278D1459A677639D51892160FD365] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [184320] [PID.4384] [MD5.7E04B1ADE140F483A6581461568D8D9C] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [610304] [PID.4420] [MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.4456] [MD5.7CAC10A1C258DFCB5ADE563BAE6D2F15] - (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\kbd\kbd.exe [67128] [PID.4472] [MD5.B6FDDDAB3A8C94CC5B47B6F6C596F9FC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344] [PID.5228] [MD5.4E8A14EB0F88199F8B8D5D55B3A17B5E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.3712] [MD5.9F323EEAFAD860204EAA0630E0A3D7F9] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [696320] [PID.5316] [MD5.E0A2DC5D912DD50F9190A6B38110A513] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.1.) -- C:\Windows\system32\nvvsvc.exe [118784] [PID.] [MD5.F81CAC1FFAC56A997E0EA750BDB30B03] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [655360] [PID.] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.] [MD5.C76769F246250EDAD34A5581419E9D60] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768] [PID.] [MD5.1117AF8C53AA278A4C5B7EF1B00E08F4] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.] [MD5.DFEFF67508D3A9AEB1A85D7B0F513B24] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.] [MD5.642180B8F50E7FC1FBAF87C718E259D6] - (.Crawler.com - Spyware Terminator Realtime Shield 32-bit S.) -- F:\Program Files\Spyware Terminator\sp_rsser.exe [496128] [PID.] [MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904] [PID.] [MD5.CB383AB0B8BA871D893B86D3C9A3ED9F] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208] [PID.] ~ Scan Processes Running in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Gro ian\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep v.6.0.1289 (Activé) G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.5 (Activé) ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Gro ian\AppData\Roaming\Mozilla\Firefox\Profiles\5lqhjf02.default\prefs.js C:\Users\Gro ian\AppData\Roaming\Mozilla\Firefox\Profiles\5lqhjf02.default\user.js M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\support@daemon-tools.cc M0 - MFSP: prefs.js [Gro ian - 5lqhjf02.default] Réseau Voltaire M2 - MFEP: prefs.js [Gro ian - 5lqhjf02.default\illimitux@illimitux.net] [illimitux] Illimitux v4.0 (.http://www.illimitux.net/.) M2 - MFEP: prefs.js [Gro ian - 5lqhjf02.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.) M2 - MFEP: prefs.js [Gro ian - 5lqhjf02.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.1.1.20091029021655 (.Yahoo!.) P2 - FPN:Firefox Plugin Navigator . (.Macromedia, Inc. - Macromedia Shockwave for Director Netscape plug-in, version 8.5.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.669.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_29 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.669] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.669] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=12.0.1.669] - (.RealNetworks, Inc. - RealNetworks RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserre P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.669] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.669] - (.RealNetworks, Inc. - 12.0.1.669.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=0.9.2] - (.the VideoLAN Team - Version 0.9.2, copyright 1996-2008 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Jumpstation R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Jumpstation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} . (.Pas de propriétaire - ToolBand Module.) -- C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] . (...) -- C:\HP\KBD\KbdStub.exe O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll O4 - HKLM\..\Run: [sMSTray] . (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [hpqSRMon] Clé orpheline O4 - HKLM\..\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe O4 - HKCU\..\Run: [Windows] . (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe O4 - HKCU\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe O4 - HKCU\..\Run: [spywareTerminatorUpdate] . (.Crawler.com - Spyware Terminator Update Support.) -- F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe O4 - HKCU\..\Run: [eMuleAutoStart] . (.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [Windows] . (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [spywareTerminatorUpdate] . (.Crawler.com - Spyware Terminator Update Support.) -- F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [eMuleAutoStart] . (.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk . (.CyberLink.) -- C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk . (...) -- C:\Program Files\foobar2000\foobar2000.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung PC Studio 3.lnk . (...) -- C:\Program Files\Samsung\Samsung PC Studio 3\Launcher.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.1.) - C:\Windows\system32\nvvsvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) . (.Crawler.com - Spyware Terminator Realtime Shield 32-bit S.) - F:\Program Files\Spyware Terminator\sp_rsser.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.874B6089DB177C2C9F2029CB5199373F] [APT] [RealUpgradeLogonTaskS-1-5-21-2514959625-1822713593-4122749096-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [MD5.874B6089DB177C2C9F2029CB5199373F] [APT] [RealUpgradeScheduledTaskS-1-5-21-2514959625-1822713593-4122749096-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [MD5.53752C90C56CA5B260827E47762BA3B8] [APT] [RecoveryCD] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe [MD5.EA20D863A09D2C39A4E35D6D761236FE] [APT] [{0C6688EF-D347-411E-8D8B-EA3EBB2C56B0}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe [MD5.00000000000000000000000000000000] [APT] [{19B45A6F-2A6C-47B1-B674-4D404388DBCA}] (...) -- c:\Users\Gro ian\Downloads\avira_antivirus_personal_fr(2).exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{40FEDDC2-70EB-44A6-A327-EF09E2BBFDEF}] (...) -- c:\Users\Gro ian\Downloads\avira_antivirus_personal_fr.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{E5692892-047B-4551-9E86-6C189EBB8568}] (...) -- c:\Users\Gro ian\Downloads\avira_antivir_personal_fr.exe (.not file.) [MD5.61D3771702DE72053FEE2A98F213A030] [APT] [scheduled Maintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [MD5.EFB0FCD1CD300E5708E73230D91D6532] [APT] [scheduled Maintenance Swap] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe ~ Scan Scheduled Task in 00mn 03s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader 9.4.6 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001} O42 - Logiciel: ArmyCalc's Eye version 1.0 beta - (.Pas de propriétaire.) [HKLM] -- ArmyCalc's Eye_is1 O42 - Logiciel: BioShock 2 - (.2K Games.) [HKLM] -- {4A8B461A-9336-4CF9-98F4-14DD38E673F0} O42 - Logiciel: C-Dilla Licence Management System - (.Pas de propriétaire.) [HKLM] -- LMS O42 - Logiciel: ContentSAFER for Wizmax - (.Pas de propriétaire.) [HKLM] -- {C19BE821-89B1-4A96-AC7C-873810C0CB5F} O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: DAEMON Tools Toolbar - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Toolbar O42 - Logiciel: DivxToDVD 0.5.2 - (.VSO-Software SARL.) [HKLM] -- VSO DivxToDVD_is1 O42 - Logiciel: Editeur Handling GTA-SA v2.0 - (.Pas de propriétaire.) [HKLM] -- Editeur Handling GTA-SA v2.0 O42 - Logiciel: FEARCombat - (.Vivendi Universal Games, Inc..) [HKLM] -- {75E607CF-7BAE-4B88-84B3-97F3DF44BA28} O42 - Logiciel: Freeplayer - (.Free.) [HKLM] -- Freeplayer O42 - Logiciel: GIMP 2.6.7 - (.Pas de propriétaire.) [HKLM] -- WinGimp-2.0_is1 O42 - Logiciel: GTASA-Ultimate Editor - (.Pas de propriétaire.) [HKLM] -- ST6UNST #1 O42 - Logiciel: Ghostbusters : The Video Game - (.Atari.) [HKLM] -- InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Grand Theft Auto IV - (.Rockstar Games.) [HKLM] -- {579BA58C-F33D-4970-9953-B94B43768AC3} O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {E0810CC2-4B5B-4439-B1D0-452306AF2D64} O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {73A43E42-3658-4DD9-8551-FACDA3632538} O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {C27C82E4-9C53-4D76-9ED3-A01A3D5EE679} O42 - Logiciel: HP Customer Feedback - (.Hewlett-Packard.) [HKLM] -- {9DBA770F-BF73-4D39-B1DF-6035D95268FC} O42 - Logiciel: HP Customer Participation Program 10.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {E1476612-02D6-42A3-BDC1-E292B4115738} O42 - Logiciel: HP Imaging Device Functions 10.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3 - (.HP.) [HKLM] -- {FF1F4E8E-A833-4c4b-A14A-45D5B841B5D8} O42 - Logiciel: HP Photosmart Essential 2.5 - (.HP.) [HKLM] -- HP Photosmart Essential O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B} O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3} O42 - Logiciel: Hewlett-Packard Active Check for Health Check - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E} O42 - Logiciel: Hewlett-Packard Asset Agent for Health Check - (.HP.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Java 6 Update 29 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF} O42 - Logiciel: Java 6 Update 4 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160040} O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070} O42 - Logiciel: Java SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {7F10292C-A190-4176-A665-A1ED3478DF86} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2572067) - (.Pas de propriétaire.) [HKLM] -- M2572067 O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft Combat Flight Simulator - (.Pas de propriétaire.) [HKLM] -- Combat Flight Simulator 1.00 O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77} O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {00C5F4F4-62F9-40D7-8000-AD8A9CD0C669} O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox (3.6.23) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.23) O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: OCR Software by I.R.I.S. 10.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL O42 - Logiciel: OpenOffice.org 2.4 - (.OpenOffice.org.) [HKLM] -- {A122962F-331A-4C2E-93DB-AD92D8A4FB14} O42 - Logiciel: OpenOffice.org 2.4 Language Pack (Français) - (.OpenOffice.org.) [HKLM] -- {D2BE6521-F81C-4EC6-8887-A8BBC0B0786B} O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: Python 2.5 - (.Martin v. Löwis.) [HKLM] -- {0A2C5854-557E-48C8-835A-3B9F074BDCAA} O42 - Logiciel: QuarkXPress - (.Quark Inc..) [HKLM] -- {706EA4A8-97B5-4C29-A0F3-0B38C666F0C4} O42 - Logiciel: RarZilla Free Unrar 2.52 - (.Philipp Winterberg.) [HKLM] -- RarZilla Free Unrar 2.52 O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2005 Runtime - (.RealNetworks.) [HKLM] -- {026C3D27-9BE1-46BE-BEAE-6DE38A0F4FBE} O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA} O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0 O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: SFV Checker - (.Pas de propriétaire.) [HKLM] -- {C9736F27-3CFC-4AF9-B2A7-5B1A54B1A84F} O42 - Logiciel: Samsung Media Studio 5 - (.Samsung.) [HKLM] -- {C20CE592-B0F8-4D20-BF31-0151CA6331A6} O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97} O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} O42 - Logiciel: San Andreas Mod Installer - (.cpmusick.) [HKLM] -- San Andreas Mod Installer1.1 O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: Shockwave - (.Pas de propriétaire.) [HKLM] -- Shockwave O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies O42 - Logiciel: SimpleOCR 3.1 - (.Pas de propriétaire.) [HKLM] -- SimpleOCR 3.1 O42 - Logiciel: Skype web features - (.Skype Technologies S.A..) [HKLM] -- {541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} O42 - Logiciel: Skype™ 4.1 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36} O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM] -- KBD O42 - Logiciel: Steam - (.Valve.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3} O42 - Logiciel: The Forge - (.Pas de propriétaire.) [HKLM] -- The Forge O42 - Logiciel: The KMPlayer (remove only) - (.Pas de propriétaire.) [HKLM] -- The KMPlayer O42 - Logiciel: Universalis 9 - (.Pas de propriétaire.) [HKLM] -- {88872E86-59A5-4213-A609-FDCFA4D9BEA6} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523 O42 - Logiciel: Utilitaires Sierra - (.Pas de propriétaire.) [HKLM] -- Utilitaires Sierra O42 - Logiciel: VLC media player 0.9.2 - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: VSO CopyToDVD 4 - (.VSO Software.) [HKLM] -- {870F1750-BA89-11DA-A94D-0800200C9A66}_is1 O42 - Logiciel: Warhammer® Mark of Chaos - (.NAMCO BANDAI Games.) [HKLM] -- {5F374D5D-DB43-4263-9C29-BAB2C93FEFE6} O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast O42 - Logiciel: bfgscreen Screen Saver - (.Pas de propriétaire.) [HKLM] -- bfgscreen O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule O42 - Logiciel: foobar2000 v1.0.3 - (.Peter Pawlowski.) [HKLM] -- foobar2000 O42 - Logiciel: muvee autoProducer 6.1 - (.muvee Technologies.) [HKLM] -- {FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8} O42 - Logiciel: ratDVD 0.78.1444 - (.ratDVD.) [HKLM] -- ratDVD O42 - Logiciel: sp44626 - (.Hewlett-Packard.) [HKLM] -- sp44626 ---\\ HKCU & HKLM Software Keys [HKCU\Software\ALWIL Software] [HKCU\Software\AOL] [HKCU\Software\ATI] [HKCU\Software\AVAST Software] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Binary Noise] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\Digital River] [HKCU\Software\DivXNetworks] [HKCU\Software\Encyclopaedia-Universalis] [HKCU\Software\Freeplayer] [HKCU\Software\GTAGarage] [HKCU\Software\Gabest] [HKCU\Software\GameSpy] [HKCU\Software\Google] [HKCU\Software\HP Guide] [HKCU\Software\Hewlett-Packard] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\KMPlayer] [HKCU\Software\Leadertech] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept (Muvee)] [HKCU\Software\MainConcept] [HKCU\Software\Micromega Software System] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NOS] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\NamcoBandai] [HKCU\Software\Netscape] [HKCU\Software\OpenOffice.org] [HKCU\Software\Philipp Winterberg] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Quark] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\SFX TEAM] [HKCU\Software\Samsung Media Studio] [HKCU\Software\Samsung PC Studio] [HKCU\Software\Samsung] [HKCU\Software\SecuROM] [HKCU\Software\Skype] [HKCU\Software\SoftVTU] [HKCU\Software\Softthinks] [HKCU\Software\Spyware Terminator] [HKCU\Software\THQ] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Valve] [HKCU\Software\Vso] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Winamp] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\eMule] [HKCU\Software\muvee Technologies] [HKCU\Software\ratDVD] [HKCU\Software\yahooinstall] [HKLM\Software\2K Games] [HKLM\Software\ALWIL Software] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\AVAST Software] [HKLM\Software\Adobe] [HKLM\Software\America Online] [HKLM\Software\AppForge] [HKLM\Software\Atari] [HKLM\Software\Bohemia Interactive Studio] [HKLM\Software\C-Dilla] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DIOC] [HKLM\Software\DT Soft] [HKLM\Software\Debug] [HKLM\Software\EasyBits] [HKLM\Software\Encyclopaedia-Universalis] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LightScribe] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\MarkAny] [HKLM\Software\Matrix Games] [HKLM\Software\Micromega Software System] [HKLM\Software\Monolith Productions] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\MusicNet] [HKLM\Software\NAMCO BANDAI Games] [HKLM\Software\NOS] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NamcoBandai] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\PC-Doctor] [HKLM\Software\Philipp Winterberg] [HKLM\Software\PocketSoft] [HKLM\Software\Policies] [HKLM\Software\Quark] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Rockstar Games] [HKLM\Software\SAMI] [HKLM\Software\SEGA] [HKLM\Software\SRS Labs] [HKLM\Software\Samsung Electronics Co., Ltd.] [HKLM\Software\Samsung] [HKLM\Software\Sierra OnLine] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\Spyware Terminator] [HKLM\Software\Sun Microsystems] [HKLM\Software\Symantec] [HKLM\Software\THQ] [HKLM\Software\Total War] [HKLM\Software\Traction Software] [HKLM\Software\VSO] [HKLM\Software\Valve] [HKLM\Software\VideoLAN] [HKLM\Software\VodeiMPAVI] [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\WildTangent] [HKLM\Software\Wilson WindowWare] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\Yahoo] [HKLM\Software\mozilla.org] [HKLM\Software\muvee Technologies] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 23/02/2010 - 01:34:10 - [9726800104] ----D- C:\Program Files\2K Games O43 - CFD: 22/03/2010 - 01:17:16 - [36774748] ----D- C:\Program Files\ACE O43 - CFD: 08/10/2011 - 12:44:24 - [162985646] ----D- C:\Program Files\Adobe O43 - CFD: 19/09/2008 - 19:20:06 - [0] ----D- C:\Program Files\Alwil Software O43 - CFD: 28/12/2009 - 22:05:02 - [11637630252] ----D- C:\Program Files\Atari O43 - CFD: 08/10/2011 - 12:35:12 - [233894048] ----D- C:\Program Files\AVAST Software O43 - CFD: 27/10/2011 - 11:27:44 - [430876514] ----D- C:\Program Files\Common Files O43 - CFD: 25/05/2008 - 12:49:28 - [734177944] ----D- C:\Program Files\CyberLink O43 - CFD: 09/10/2008 - 01:17:10 - [5224196] ----D- C:\Program Files\DAEMON Tools Lite O43 - CFD: 09/10/2008 - 01:17:10 - [2776033] ----D- C:\Program Files\DAEMON Tools Toolbar O43 - CFD: 25/05/2008 - 12:59:18 - [69636367] ----D- C:\Program Files\EasyBits For Kids O43 - CFD: 14/03/2009 - 19:32:54 - [6716849] ----D- C:\Program Files\Editeur Handling GTA-SA O43 - CFD: 21/09/2008 - 19:51:18 - [11210932] ----D- C:\Program Files\eMule O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 01/05/2010 - 01:17:00 - [8543004] ----D- C:\Program Files\foobar2000 O43 - CFD: 24/09/2008 - 21:59:26 - [33283418] ----D- C:\Program Files\Freeplayer O43 - CFD: 02/12/2009 - 06:05:28 - [87124142] ----D- C:\Program Files\GIMP-2.0 O43 - CFD: 04/06/2010 - 19:07:10 - [276709277] ----D- C:\Program Files\Google O43 - CFD: 16/03/2009 - 10:47:36 - [248251] ----D- C:\Program Files\Gta Save O43 - CFD: 27/08/2009 - 19:52:06 - [5039176] ----D- C:\Program Files\GTA4MODS.com O43 - CFD: 16/03/2009 - 10:16:02 - [636167] ----D- C:\Program Files\GTASA-Ultimate Editor O43 - CFD: 24/12/2009 - 23:58:48 - [142429656] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 22/10/2011 - 20:43:58 - [256300102] ----D- C:\Program Files\HP O43 - CFD: 25/05/2008 - 12:58:54 - [493988158] ----D- C:\Program Files\HP Games O43 - CFD: 03/05/2010 - 14:05:44 - [155893613] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 10/06/2009 - 16:41:32 - [50343759] ----D- C:\Program Files\Intel O43 - CFD: 23/10/2011 - 16:37:22 - [5391567] ----D- C:\Program Files\Internet Explorer O43 - CFD: 21/10/2011 - 11:49:36 - [326569139] ----D- C:\Program Files\Java O43 - CFD: 20/03/2009 - 17:04:32 - [1827624] ----D- C:\Program Files\MarkAny O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games O43 - CFD: 22/02/2010 - 23:14:54 - [9281414] ----D- C:\Program Files\Microsoft Games for Windows - LIVE O43 - CFD: 19/09/2008 - 18:54:44 - [28429690] ----D- C:\Program Files\Microsoft Office O43 - CFD: 19/09/2008 - 20:01:58 - [152968] ----D- C:\Program Files\Microsoft Works O43 - CFD: 21/10/2011 - 20:38:34 - [15715] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 21/10/2011 - 20:29:46 - [99342446] ----D- C:\Program Files\Movie Maker O43 - CFD: 08/10/2011 - 19:10:36 - [82751554] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 09/10/2011 - 19:09:58 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 25/05/2008 - 12:50:04 - [155052528] ----D- C:\Program Files\muvee Technologies O43 - CFD: 03/05/2010 - 14:05:46 - [4545451502] ----D- C:\Program Files\NAMCO BANDAI Games O43 - CFD: 31/07/2009 - 09:34:24 - [0] ----D- C:\Program Files\NOS O43 - CFD: 24/10/2009 - 20:07:30 - [3052112] R---D- C:\Program Files\Online Services O43 - CFD: 01/03/2009 - 21:42:44 - [782336] ----D- C:\Program Files\OpenAL O43 - CFD: 19/09/2008 - 22:20:24 - [345051443] ----D- C:\Program Files\OpenOffice.org 2.4 O43 - CFD: 25/05/2008 - 13:07:08 - [87416588] ----D- C:\Program Files\PC-Doctor 5 for Windows O43 - CFD: 01/12/2009 - 20:58:34 - [462446712] ----D- C:\Program Files\Quark O43 - CFD: 21/09/2008 - 19:52:02 - [1765114] ----D- C:\Program Files\RarZilla Free Unrar O43 - CFD: 11/11/2008 - 00:14:58 - [9004657] ----D- C:\Program Files\ratDVD O43 - CFD: 25/10/2011 - 10:23:30 - [133820951] ----D- C:\Program Files\Real O43 - CFD: 25/05/2008 - 12:40:48 - [62844252] ----D- C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 12/04/2010 - 00:46:56 - [0] ----D- C:\Program Files\Rockstar Games O43 - CFD: 05/04/2010 - 17:28:12 - [214186562] ----D- C:\Program Files\Samsung O43 - CFD: 16/03/2009 - 01:54:40 - [3461724] ----D- C:\Program Files\San Andreas Mod Installer O43 - CFD: 12/06/2009 - 22:35:30 - [3775462563] ----D- C:\Program Files\Sierra O43 - CFD: 17/10/2011 - 17:04:36 - [32] ----D- C:\Program Files\Sierra On-Line O43 - CFD: 07/10/2008 - 18:31:26 - [25280966] ----D- C:\Program Files\SimpleOCR O43 - CFD: 26/07/2009 - 21:25:42 - [35821657] R---D- C:\Program Files\Skype O43 - CFD: 19/09/2008 - 19:34:06 - [1716] ----D- C:\Program Files\Sports Interactive O43 - CFD: 29/10/2011 - 13:17:10 - [139480002] ----D- C:\Program Files\Steam O43 - CFD: 28/09/2008 - 11:08:14 - [22640] ----D- C:\Program Files\SuperCopier2 O43 - CFD: 03/10/2008 - 17:23:02 - [46575431] ----D- C:\Program Files\The KMPlayer O43 - CFD: 14/06/2009 - 14:31:12 - [13416496] ----D- C:\Program Files\THQ O43 - CFD: 18/10/2008 - 17:06:48 - [1721850] ----D- C:\Program Files\Traction Software O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 22/02/2009 - 03:36:40 - [4419897009] ----D- C:\Program Files\Universalis 9 O43 - CFD: 19/09/2008 - 22:31:40 - [50104454] ----D- C:\Program Files\VideoLAN O43 - CFD: 27/10/2011 - 14:19:56 - [126747722] ----D- C:\Program Files\vso O43 - CFD: 21/10/2011 - 20:29:46 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 21/10/2011 - 20:29:44 - [2737152] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 21/10/2011 - 20:29:44 - [4490624] ----D- C:\Program Files\Windows Defender O43 - CFD: 21/10/2011 - 20:29:44 - [7084664] ----D- C:\Program Files\Windows Journal O43 - CFD: 23/10/2011 - 11:05:32 - [9116344] ----D- C:\Program Files\Windows Mail O43 - CFD: 21/10/2011 - 20:29:44 - [4498121] ----D- C:\Program Files\Windows Media Player O43 - CFD: 19/09/2008 - 18:48:42 - [7957544] ----D- C:\Program Files\Windows NT O43 - CFD: 21/10/2011 - 20:29:44 - [13528738] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 23/10/2011 - 11:05:34 - [134144] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 21/10/2011 - 20:29:46 - [6674851] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 22/02/2010 - 22:53:44 - [3726887] ----D- C:\Program Files\WinRAR O43 - CFD: 04/10/2008 - 17:13:36 - [175] --H-D- C:\Program Files\Zero G Registry O43 - CFD: 29/10/2011 - 13:31:14 - [4244456] ----D- C:\Program Files\ZHPDiag O43 - CFD: 08/10/2011 - 12:44:46 - [6347682] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 19/09/2008 - 19:02:28 - [469525] ----D- C:\Program Files\Common Files\Hewlett-Packard O43 - CFD: 21/12/2009 - 01:00:02 - [5280332] ----D- C:\Program Files\Common Files\HP O43 - CFD: 25/05/2008 - 13:04:40 - [10110139] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 21/10/2011 - 11:50:22 - [47526965] ----D- C:\Program Files\Common Files\Java O43 - CFD: 09/10/2009 - 19:09:32 - [32098366] ---AD- C:\Program Files\Common Files\LightScribe O43 - CFD: 25/05/2008 - 12:49:34 - [56683] ---AD- C:\Program Files\Common Files\LS Getting Started O43 - CFD: 22/02/2010 - 23:21:44 - [222154713] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 25/05/2008 - 12:50:04 - [49413198] ----D- C:\Program Files\Common Files\muvee Technologies O43 - CFD: 27/10/2011 - 11:27:44 - [4346720] ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 25/10/2011 - 10:22:58 - [0] ----D- C:\Program Files\Common Files\Real O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 26/07/2009 - 21:25:10 - [1959208] ----D- C:\Program Files\Common Files\Skype O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 23/10/2011 - 15:41:34 - [419624] ----D- C:\Program Files\Common Files\Steam O43 - CFD: 19/09/2008 - 20:09:36 - [498856] ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD: 21/10/2011 - 20:29:44 - [8737810] ----D- C:\Program Files\Common Files\System O43 - CFD: 25/10/2011 - 10:23:28 - [352256] ----D- C:\Program Files\Common Files\xing shared O43 - CFD: 08/10/2011 - 12:44:44 - [763] ----D- C:\ProgramData\Adobe O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 25/05/2008 - 12:42:36 - [2893592] ----D- C:\ProgramData\ATI O43 - CFD: 08/10/2011 - 12:35:12 - [6499190] ----D- C:\ProgramData\AVAST Software O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 29/09/2008 - 21:21:26 - [4243] ----D- C:\ProgramData\CyberLink O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 21/09/2008 - 20:05:22 - [0] ----D- C:\ProgramData\eMule O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 24/12/2009 - 23:59:24 - [1089335] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 25/12/2009 - 00:08:20 - [18368758] ----D- C:\ProgramData\HP O43 - CFD: 25/12/2009 - 00:03:54 - [8988] ----D- C:\ProgramData\HP Product Assistant O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 10/10/2008 - 00:41:12 - [236586863] -S--D- C:\ProgramData\Microsoft O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 25/05/2008 - 12:50:04 - [4460] ----D- C:\ProgramData\muvee Technologies O43 - CFD: 28/08/2009 - 14:10:48 - [26596640] ----D- C:\ProgramData\NOS O43 - CFD: 19/09/2008 - 19:30:34 - [189051] ----D- C:\ProgramData\NVIDIA O43 - CFD: 25/05/2008 - 12:55:10 - [1235] ----D- C:\ProgramData\PC-Doctor O43 - CFD: 25/05/2008 - 12:55:10 - [1991680] ----D- C:\ProgramData\PC-Doctor 5 for Windows O43 - CFD: 01/12/2009 - 20:58:34 - [166348] ----D- C:\ProgramData\Quark O43 - CFD: 21/10/2011 - 11:25:14 - [1657586] ----D- C:\ProgramData\Real O43 - CFD: 22/02/2010 - 23:22:48 - [19984] -SH-D- C:\ProgramData\SecuROM O43 - CFD: 26/07/2009 - 21:25:08 - [25777757] ----D- C:\ProgramData\Skype O43 - CFD: 28/10/2011 - 14:26:06 - [88243642] ----D- C:\ProgramData\Spyware Terminator O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 27/04/2010 - 22:36:26 - [191] ----D- C:\ProgramData\Sun O43 - CFD: 19/09/2008 - 20:06:28 - [2746] ----D- C:\ProgramData\Symantec O43 - CFD: 27/10/2011 - 15:28:04 - [36864] ---AD- C:\ProgramData\Temp O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 27/10/2011 - 16:40:32 - [387] ----D- C:\ProgramData\Vso O43 - CFD: 19/09/2008 - 19:12:20 - [243] ----D- C:\ProgramData\WEBREG O43 - CFD: 15/10/2011 - 19:22:44 - [1225108720] ----D- C:\ProgramData\WildTangent O43 - CFD: 21/09/2008 - 21:17:32 - [1665879] ----D- C:\Users\Gro ian\AppData\Roaming\Adobe O43 - CFD: 19/09/2008 - 18:58:18 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\ATI O43 - CFD: 29/10/2011 - 13:19:42 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Avira O43 - CFD: 08/10/2011 - 00:44:00 - [48593381] ----D- C:\Users\Gro ian\AppData\Roaming\Bioshock2 O43 - CFD: 20/03/2009 - 21:16:48 - [20] ----D- C:\Users\Gro ian\AppData\Roaming\CyberLink O43 - CFD: 09/10/2008 - 01:11:58 - [1382] ----D- C:\Users\Gro ian\AppData\Roaming\DAEMON Tools O43 - CFD: 20/03/2009 - 17:04:34 - [107050] ----D- C:\Users\Gro ian\AppData\Roaming\DataCast O43 - CFD: 27/10/2011 - 15:26:58 - [631] ----D- C:\Users\Gro ian\AppData\Roaming\dvdcss O43 - CFD: 21/09/2008 - 19:51:18 - [4862] ----D- C:\Users\Gro ian\AppData\Roaming\eMule O43 - CFD: 10/10/2011 - 15:24:58 - [5061849] ----D- C:\Users\Gro ian\AppData\Roaming\foobar2000 O43 - CFD: 20/06/2009 - 07:22:20 - [329437] ----D- C:\Users\Gro ian\AppData\Roaming\Hewlett-Packard O43 - CFD: 07/10/2008 - 18:35:42 - [251556] ----D- C:\Users\Gro ian\AppData\Roaming\HP O43 - CFD: 07/02/2010 - 20:58:44 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\HPAppData O43 - CFD: 22/10/2011 - 20:46:58 - [18625] ----D- C:\Users\Gro ian\AppData\Roaming\HpUpdate O43 - CFD: 19/09/2008 - 18:57:34 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Identities O43 - CFD: 19/09/2008 - 18:52:00 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\InstallShield O43 - CFD: 16/05/2009 - 11:05:10 - [379] ----D- C:\Users\Gro ian\AppData\Roaming\Leadertech O43 - CFD: 19/09/2008 - 18:53:16 - [3897407] ----D- C:\Users\Gro ian\AppData\Roaming\Macromedia O43 - CFD: 07/10/2008 - 19:06:54 - [6924] ----D- C:\Users\Gro ian\AppData\Roaming\Magic Academy O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Media Center Programs O43 - CFD: 28/10/2011 - 12:53:20 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Media Player Classic O43 - CFD: 14/06/2009 - 14:31:54 - [3018979] -S--D- C:\Users\Gro ian\AppData\Roaming\Microsoft O43 - CFD: 27/08/2009 - 13:16:20 - [4274645] ----D- C:\Users\Gro ian\AppData\Roaming\Mozilla O43 - CFD: 10/10/2011 - 15:15:02 - [5632] ----D- C:\Users\Gro ian\AppData\Roaming\muvee Technologies O43 - CFD: 29/10/2011 - 13:17:52 - [2832008] ----D- C:\Users\Gro ian\AppData\Roaming\OpenOffice.org2 O43 - CFD: 01/12/2009 - 21:01:24 - [48770] ----D- C:\Users\Gro ian\AppData\Roaming\Quark O43 - CFD: 27/10/2011 - 11:29:54 - [53435062] ----D- C:\Users\Gro ian\AppData\Roaming\Real O43 - CFD: 05/04/2010 - 17:36:52 - [2411799] ----D- C:\Users\Gro ian\AppData\Roaming\Samsung O43 - CFD: 25/06/2009 - 01:40:18 - [11777] R-H-D- C:\Users\Gro ian\AppData\Roaming\SecuROM O43 - CFD: 12/08/2009 - 21:55:58 - [1331916] ----D- C:\Users\Gro ian\AppData\Roaming\Skype O43 - CFD: 12/08/2009 - 18:26:46 - [42456] ----D- C:\Users\Gro ian\AppData\Roaming\skypePM O43 - CFD: 08/02/2009 - 19:24:46 - [10888344] ----D- C:\Users\Gro ian\AppData\Roaming\Sports Interactive O43 - CFD: 28/10/2011 - 13:00:04 - [316419] ----D- C:\Users\Gro ian\AppData\Roaming\Spyware Terminator O43 - CFD: 19/09/2008 - 18:58:16 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Symantec O43 - CFD: 24/09/2008 - 21:59:40 - [750956] ----D- C:\Users\Gro ian\AppData\Roaming\vlc O43 - CFD: 27/10/2011 - 16:40:32 - [15420] ----D- C:\Users\Gro ian\AppData\Roaming\Vso O43 - CFD: 19/09/2008 - 21:08:28 - [715] ----D- C:\Users\Gro ian\AppData\Roaming\WildTangent O43 - CFD: 10/06/2009 - 16:40:36 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\WinBatch O43 - CFD: 22/02/2010 - 22:54:14 - [12] ----D- C:\Users\Gro ian\AppData\Roaming\WinRAR O43 - CFD: 08/10/2011 - 12:44:12 - [5848099] ----D- C:\Users\Gro ian\AppData\Local\Adobe O43 - CFD: 19/09/2008 - 18:50:46 - [0] -SH-D- C:\Users\Gro ian\AppData\Local\Application Data O43 - CFD: 15/10/2011 - 19:22:46 - [4381] ----D- C:\Users\Gro ian\AppData\Local\ApplicationHistory O43 - CFD: 01/03/2009 - 21:43:08 - [1611] ----D- C:\Users\Gro ian\AppData\Local\ArmA O43 - CFD: 19/09/2008 - 18:58:18 - [28955] ----D- C:\Users\Gro ian\AppData\Local\ATI O43 - CFD: 21/09/2008 - 19:51:18 - [33396618] ----D- C:\Users\Gro ian\AppData\Local\eMule O43 - CFD: 28/12/2009 - 23:58:40 - [3485] ----D- C:\Users\Gro ian\AppData\Local\GHOSTBUSTERS O43 - CFD: 04/06/2010 - 19:09:58 - [5972628] ----D- C:\Users\Gro ian\AppData\Local\Google O43 - CFD: 20/09/2008 - 19:15:06 - [5262] ----D- C:\Users\Gro ian\AppData\Local\Hewlett-Packard O43 - CFD: 19/09/2008 - 18:50:46 - [0] -SH-D- C:\Users\Gro ian\AppData\Local\Historique O43 - CFD: 07/10/2008 - 18:15:54 - [4597110] ----D- C:\Users\Gro ian\AppData\Local\HP O43 - CFD: 22/06/2010 - 21:06:00 - [69254356] ----D- C:\Users\Gro ian\AppData\Local\Microsoft O43 - CFD: 20/09/2008 - 20:38:28 - [1631441] ----D- C:\Users\Gro ian\AppData\Local\Microsoft Games O43 - CFD: 10/10/2008 - 00:39:58 - [39143] ----D- C:\Users\Gro ian\AppData\Local\MigWiz O43 - CFD: 19/09/2008 - 19:21:06 - [48670864] ----D- C:\Users\Gro ian\AppData\Local\Mozilla O43 - CFD: 01/12/2009 - 21:01:24 - [312146] ----D- C:\Users\Gro ian\AppData\Local\Quark O43 - CFD: 11/11/2008 - 00:15:02 - [1867] ----D- C:\Users\Gro ian\AppData\Local\ratDVD O43 - CFD: 04/06/2010 - 19:07:58 - [0] ----D- C:\Users\Gro ian\AppData\Local\Real O43 - CFD: 10/02/2010 - 04:00:50 - [5938696] ----D- C:\Users\Gro ian\AppData\Local\Rockstar Games O43 - CFD: 29/10/2011 - 13:30:06 - [75838] ----D- C:\Users\Gro ian\AppData\Local\Temp O43 - CFD: 19/09/2008 - 18:50:46 - [0] -SH-D- C:\Users\Gro ian\AppData\Local\Temporary Internet Files O43 - CFD: 07/10/2008 - 18:19:10 - [1144934035] ----D- C:\Users\Gro ian\AppData\Local\VirtualStore O43 - CFD: 03/05/2010 - 15:00:44 - [44941] ----D- C:\Users\Gro ian\AppData\Local\Warhammer Mark of Chaos ~ Scan Program Folder in 00mn 24s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.9CCC90E8837186EFAC7906FDE941B123] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [144430] O44 - LFC:[MD5.DF8710BC7D45337837437DD7945DB515] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfc009.dat [784446] O44 - LFC:[MD5.984A6944012B9779B4999D6EC706FD3C] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [39692] O44 - LFC:[MD5.D2C935BD07EFCF25CBF87571A57CF535] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfh009.dat [1405718] O44 - LFC:[MD5.B537CAD543F10FF798C0D7E7AEFD7740] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [116488] O44 - LFC:[MD5.C05CF8C56868DEB29DA32E23425BA059] - 29/10/2011 - 12:21:49 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1149285] O44 - LFC:[MD5.7D16401CBE0F9E49F355BDC8DCE79BE9] - 29/10/2011 - 12:16:58 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.625DB955B10C13546A2A24B71E8FB96C] - 29/10/2011 - 08:59:09 ---A- . (...) -- C:\Windows\MEMORY.DMP [187088816] O44 - LFC:[MD5.8831252BCF05FCFB5ABD116A22E552D8] - 28/10/2011 - 11:59:41 ---A- . (...) -- C:\Windows\system32\drivers\sp_rsdrv2.sys [142592] O44 - LFC:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 27/10/2011 - 13:20:14 ---A- . (.VSO Software - low level access layer for CD/DVD/BD device.) -- C:\Windows\system32\drivers\pcouffin.sys [47360] O44 - LFC:[MD5.1D0316BEB736160D249C4F147261EC70] - 25/10/2011 - 09:23:17 ---A- . (.RealNetworks, Inc. - Real Player ActiveX Control.) -- C:\Windows\system32\rmoc3260.dll [198832] O44 - LFC:[MD5.33833B3EDA1B07EBD367FA9B38B23E60] - 25/10/2011 - 09:23:04 ---A- . (.RealNetworks, Inc. - 16 bit DirectX helper DLL.) -- C:\Windows\system32\pndx5016.dll [6656] O44 - LFC:[MD5.B74E422BC81236042529DC8A42A18423] - 25/10/2011 - 09:23:04 ---A- . (.RealNetworks, Inc. - 32 bit DirectX helper DLL.) -- C:\Windows\system32\pndx5032.dll [5632] O44 - LFC:[MD5.B4EB68502E52EBDC0B2C55EA3445284C] - 25/10/2011 - 09:23:03 ---A- . (.Progressive Networks - Pas de description.) -- C:\Windows\system32\pncrt.dll [272896] O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 23/10/2011 - 14:48:44 ---A- . (...) -- C:\Windows\system32\icrav03.rat [8798] O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 23/10/2011 - 14:48:44 ---A- . (...) -- C:\Windows\system32\ticrf.rat [1988] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 23/10/2011 - 14:48:37 ---A- . (...) -- C:\Windows\system32\ieuinit.inf [72822] O44 - LFC:[MD5.7D0FB26D5CACBED6D9BE0B960C1F5CD6] - 23/10/2011 - 10:07:44 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [337752] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/10/2011 - 10:05:25 --HA- . (...) -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/10/2011 - 10:05:08 --HA- . (...) -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf [0] O44 - LFC:[MD5.FB724E1170D41C52038B14E283AB13B0] - 22/10/2011 - 19:43:53 ---A- . (...) -- C:\updatedatfix.log [734] O44 - LFC:[MD5.2C536D41DCE213E1D449F18B3D41EA55] - 21/10/2011 - 12:58:43 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\system32\FlashPlayerCPLApp.cpl [414368] O44 - LFC:[MD5.D248D0DB24D9E01AA7F2E42A9758E8C0] - 21/10/2011 - 10:49:35 ---A- . (...) -- C:\Windows\system32\jupdate-1.6.0_29-b11.log [3075] O44 - LFC:[MD5.9A7E344C3D52EE1A2EF003B33B1C1BF1] - 21/10/2011 - 10:40:15 ---A- . (.Microsoft - NPS Migration Plugin.) -- C:\Windows\system32\IasMigPlugin.dll [454144] O44 - LFC:[MD5.358A03A7A47F0AD71E84306AC635A626] - 21/10/2011 - 10:40:06 ---A- . (.Pas de propriétaire - Programme d'authentification du périphériqu.) -- C:\Windows\system32\EhStorAuthn.dll [117248] O44 - LFC:[MD5.81638E6E467193699B5A800732ECBDE4] - 21/10/2011 - 10:39:18 ---A- . (.Microsoft - Classe d’assistance SMB (partage de fichier.) -- C:\Windows\system32\SMBHelperClass.dll [83456] O44 - LFC:[MD5.20143FD619C185E13E170E91AB304477] - 17/10/2011 - 16:04:38 ---A- . (...) -- C:\Windows\SIERRA.INI [301] O44 - LFC:[MD5.F99DDD5E4F807B43E8B85DCD5F4B59EA] - 10/10/2011 - 13:37:06 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\system32\GameUXLegacyGDFs.dll [4240384] O44 - LFC:[MD5.FA4B5940B31853ADE67A73026884C8C9] - 09/10/2011 - 18:13:47 ---A- . (.Microsoft Corporation - Bibliothèque d'assistance au déploiement de.) -- C:\Windows\system32\dfshim.dll [1130824] O44 - LFC:[MD5.54F73529D65E5EB41FFC28C4EDDF069F] - 09/10/2011 - 08:27:15 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\system32\atmlib.dll [34304] O44 - LFC:[MD5.B44A7AC9E801C38F54F7340351313E85] - 09/10/2011 - 08:27:15 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\system32\atmfd.dll [292864] O44 - LFC:[MD5.3F337DD54339BEAF26917D3A0A32C1DE] - 09/10/2011 - 08:25:39 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll [81920] O44 - LFC:[MD5.0857BDD856888D78E6E991CDDA49A4B8] - 09/10/2011 - 08:23:29 ---A- . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\system32\l3codecp.acm [220672] O44 - LFC:[MD5.8A64A3F68F0E24917759852C842DCD74] - 09/10/2011 - 08:23:29 ---A- . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\system32\l3codeca.acm [62464] O44 - LFC:[MD5.C47623FFD181A1E7D63574DDE2A0A711] - 08/10/2011 - 11:35:51 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568] O44 - LFC:[MD5.748AE7F2D7DA33ADB063FE05704A9969] - 08/10/2011 - 11:35:51 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [320856] O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 08/10/2011 - 11:35:50 ---A- . (...) -- C:\Windows\system32\config.nt [2577] O44 - LFC:[MD5.4804753A4EC7D67CC22D226BFFD1C1E3] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54616] O44 - LFC:[MD5.CA9925CE1DBD07FFE1EB357752CF5577] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52568] O44 - LFC:[MD5.36239E24470A3DD81FAE37510953CC6C] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392] O44 - LFC:[MD5.CAA846E9C83836BDC3D2D700C678DB65] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [442200] O44 - LFC:[MD5.701A5948B60452EF6CF06C2900C3B9EA] - 08/10/2011 - 11:35:26 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [41184] O44 - LFC:[MD5.37CCBB62A3D8FE3903CD2CBFC711895C] - 08/10/2011 - 11:35:25 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\system32\aswBoot.exe [199304] O44 - LFC:[MD5.ABA0F3AF163878E5E64248A92A8ECCA8] - 08/10/2011 - 10:29:55 ---A- . (...) -- C:\Windows\system32\jupdate-1.6.0_26-b03.log [6310] O44 - LFC:[MD5.AFBF77A659ABEA37EBE3994656970CF2] - 03/10/2011 - 04:06:16 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [157472] O44 - LFC:[MD5.9225A1067BC2858575B9787BB3ECC4FD] - 03/10/2011 - 04:06:15 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [145184] O44 - LFC:[MD5.9D1379B60113E70C75592B02538E84D6] - 03/10/2011 - 04:06:14 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\java.exe [145184] O44 - LFC:[MD5.3107D5460A32130EAFE9BEAA12EE2251] - 03/10/2011 - 04:06:03 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [472808] O44 - LFC:[MD5.F6D48AE1F578493D2E19DD644B153976] - 01/08/2009 - 07:27:37 ---A- . (...) -- C:\Windows\system32\winrm.vbs [201184] O44 - LFC:[MD5.B2EDF82825D979928AE07CBE9C7A2160] - 16/07/2009 - 18:30:03 ---A- . (...) -- C:\Windows\system32\WsmTxt.xsl [2426] O44 - LFC:[MD5.3C436603213561E2E7DD3D4459DBB7D4] - 16/07/2009 - 18:30:03 ---A- . (...) -- C:\Windows\system32\wsmanconfig_schema.xml [4675] O44 - LFC:[MD5.18B2C06EF8DC3FAF83C074089024391E] - 11/07/2009 - 18:03:56 ---A- . (...) -- C:\Windows\system32\wlan.tmf [2501921] O44 - LFC:[MD5.52CB0185C73E1BA86CC7F726F22523C3] - 11/04/2009 - 07:28:21 ---A- . (...) -- C:\Windows\system32\msjetoledb40.dll [368640] O44 - LFC:[MD5.AD4C3968CE1DB3A3A4632E1CDECA9555] - 11/04/2009 - 05:48:19 ---A- . (...) -- C:\Windows\system32\eaphost.tmf [344698] O44 - LFC:[MD5.A3EB38D309C5682BBA0E23732C5D4AF2] - 11/04/2009 - 05:46:15 ---A- . (...) -- C:\Windows\system32\WFP.TMF [208966] O44 - LFC:[MD5.4DF0D81B2B19B87DBFF241619DCDDC31] - 11/04/2009 - 05:43:51 ---A- . (...) -- C:\Windows\system32\dot3.tmf [442788] O44 - LFC:[MD5.16D06DC26B8BD160AD81EE271D9577D8] - 11/04/2009 - 05:43:37 ---A- . (...) -- C:\Windows\system32\onex.tmf [392170] O44 - LFC:[MD5.E9E66706083BFE4B0070EE0A5E8D42DB] - 11/04/2009 - 02:59:51 ---A- . (...) -- C:\Windows\system32\StructuredQuerySchema.bin [107612] O44 - LFC:[MD5.B51BF7934D2B657454F66035AA5BFA03] - 11/04/2009 - 02:54:25 ---A- . (...) -- C:\Windows\system32\locale.nls [3662128] O44 - LFC:[MD5.75DFEB04C0C978810720283C1B5CD7B1] - 07/03/2009 - 02:11:16 ---A- . (...) -- C:\Windows\system32\systemsf.ebd [130008] O44 - LFC:[MD5.07400BC21119204892795F015052CDF4] - 20/02/2009 - 01:20:51 ---A- . (...) -- C:\Windows\system32\RacUR.xml [9212] O44 - LFC:[MD5.6F7C27002EA0F9496070A1150C977DEC] - 20/02/2009 - 01:20:51 ---A- . (...) -- C:\Windows\system32\spcinstrumentation.man [9239] O44 - LFC:[MD5.4C58B5E71FEEFD18BB7F537343C7219A] - 18/02/2009 - 19:43:18 ---A- . (...) -- C:\Windows\system32\RacUREx.xml [153] O44 - LFC:[MD5.BCDBB5CEA1E8AEA0FA353691EB003728] - 18/02/2009 - 19:39:57 ---A- . (...) -- C:\Windows\system32\slmgr.vbs [92918] O44 - LFC:[MD5.D07E5384D2B4E71F7D49C9F334D69284] - 27/05/2008 - 05:59:40 ---A- . (...) -- C:\Windows\system32\StructuredQuerySchemaTrivial.bin [18904] O44 - LFC:[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - 08/11/2007 - 10:04:45 ---A- . (...) -- C:\Windows\system32\korwbrkr.lex [11967524] ~ Scan Files in 00mn 33s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{140b194a-559a-11df-ad84-00221507e036}\AutoRun\command. (...) -- K:\wdsync.exe (.not file.) O51 - MPSK:{94e74665-0fc5-11de-ab70-00221507e036}\AutoRun\command - Clé orpheline O51 - MPSK:{e7d9ec61-958e-11dd-bdbe-00221507e036}\AutoRun\command. (...) -- M:\Support\AutoRun\AutoRun.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\system32\l3codecp.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968] O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600] O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432] O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560] O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464] O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416] O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928] O58 - SDL:[MD5.C47623FFD181A1E7D63574DDE2A0A711] - 08/10/2011 - 21:36:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568] O58 - SDL:[MD5.4804753A4EC7D67CC22D226BFFD1C1E3] - 08/10/2011 - 21:36:26 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54616] O58 - SDL:[MD5.36239E24470A3DD81FAE37510953CC6C] - 08/10/2011 - 21:36:38 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392] O58 - SDL:[MD5.CAA846E9C83836BDC3D2D700C678DB65] - 08/10/2011 - 21:38:05 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [442200] O58 - SDL:[MD5.748AE7F2D7DA33ADB063FE05704A9969] - 08/10/2011 - 21:37:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [320856] O58 - SDL:[MD5.CA9925CE1DBD07FFE1EB357752CF5577] - 08/10/2011 - 21:36:36 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52568] O58 - SDL:[MD5.38973519D2A61E33E49A09C6B05621CD] - 25/05/2008 - 01:53:20 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [3520512] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784] O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584] O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504] O58 - SDL:[MD5.37769C28E1C6489C56E41DB7A32D58C5] - 17/06/2009 - 16:56:40 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [327192] O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312] O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656] O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312] O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288] O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.B40539857021CB65C640FA18B9E40BB0] - 19/09/2008 - 13:01:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 175.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7465312] O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968] O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112] O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 27/10/2011 - 13:20:14 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Windows\system32\drivers\pcouffin.sys [47360] O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 25/05/2008 - 17:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\Windows\system32\drivers\PS2.sys [19072] O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.5D26CCB06E1F3B5C26E863DF3F4F2611] - 10/06/2009 - 16:03:48 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2152088] O58 - SDL:[MD5.ABBE0F54BA3A378262C9CB86CF7D91F8] - 25/05/2008 - 15:56:02 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [118784] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/10/2008 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [717296] O58 - SDL:[MD5.8831252BCF05FCFB5ABD116A22E552D8] - 28/10/2011 - 11:59:41 ---A- . (...) -- C:\Windows\system32\drivers\sp_rsdrv2.sys [142592] O58 - SDL:[MD5.5A1D0CA8A5F1E7B4EC50B9D76C001F0E] - 05/04/2010 - 10:11:16 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Device 1.0 Driver.) -- C:\Windows\system32\drivers\ss_bus.sys [83592] O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 05/04/2010 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cm.sys [12424] O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 05/04/2010 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cmnt.sys [12424] O58 - SDL:[MD5.F0A85580E36A3A85059037D39A9CF079] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Filter Driver.) -- C:\Windows\system32\drivers\ss_mdfl.sys [15112] O58 - SDL:[MD5.84C3DBFD1BFA4ADC0A950B3D5506CB00] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Driver.) -- C:\Windows\system32\drivers\ss_mdm.sys [109704] O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_wh.sys [12424] O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_whnt.sys [12424] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 05/04/2010 - 15:05:00 ---A- . (...) -- C:\Windows\system32\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024] O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ~ Scan Drivers in 00mn 02s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 06/09/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <Regedit.Document>[HKLM\..\open\Command] (...) -- c:\Winnt\Regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <Regedit.Document>[HKCR\..\open\Command] (...) -- c:\Winnt\Regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {242366AF-80F7-4DFF-8169-C948CA272752} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {32654C5A-909A-4920-9EAD-9D31FC5F3792} - (AOL Recherche) - http://slirsredirect.search.aol.com O69 - SBI: SearchScopes [HKCU] {8F00202E-3F8E-4026-9CF4-5C5D404AA43F} - (Kelkoo) - Voitures Et Motos | Comparer Prix & Acheter Voiture Et Moto - Kelkoo France O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9} - (DAEMON Search) - DAEMON-Search.com :: EXPLORE ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.254FBCA565E049648B0CCE2CEADF05D2] [sPRF][27/10/2011] (...) -- C:\Users\Gro ian\AppData\Roaming\inst.exe [87608] [MD5.5B6C11DE7E839C05248CED8825470FEF] [sPRF][27/10/2011] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\Gro ian\AppData\Roaming\pcouffin.sys [47360] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{8C052177-3D71-427F-8122-3B72997E90B4}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files\Cyberlink\PowerDirector\PDR.exe O87 - FAEL: "TCP Query User{D5940B08-68B1-4096-A64C-A95CD0064CE1}C:\program files\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "UDP Query User{5A42F6A4-90E6-44E5-BD16-032472D34A80}C:\program files\emule\emule.exe" | In - Private - P17 - FALSE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "{8BCB3F0E-CA42-4A30-862D-6C7F8DBA267D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe (.not file.) O87 - FAEL: "{F974D8E2-6BDC-438F-8321-CDF5E9FC8F22}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe (.not file.) O87 - FAEL: "{32313217-1411-420F-9B0F-AF54A1364016}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe (.not file.) O87 - FAEL: "{D269A3F6-7C45-4EAC-9CA9-A608395930D3}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe (.not file.) O87 - FAEL: "{B3B65CDB-8F8A-446D-A83E-BF41D5F368F0}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe (.not file.) O87 - FAEL: "{81CB45F8-247A-4A80-B251-B78BE699FBAD}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe (.not file.) O87 - FAEL: "{967E89FD-A862-4F17-82DE-30243E745B97}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe (.not file.) O87 - FAEL: "{2A994EFF-D668-456B-BE5B-539043983F0B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe (.not file.) O87 - FAEL: "TCP Query User{7B73471C-4175-4A1C-8F48-2500E6F04423}C:\program files\emule\emule.exe" | In - Public - P6 - FALSE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "UDP Query User{A5767F8B-EA8C-46F3-8082-F2338159F127}C:\program files\emule\emule.exe" | In - Public - P17 - FALSE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "TCP Query User{6B223150-D6B6-42CF-98DE-AF55B9F63A9E}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\thq\dawn of war - soulstorm\soulstorm.exe (.not file.) O87 - FAEL: "UDP Query User{AB60F2C0-7FDD-4CEB-B65F-83EC805CA4FB}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\thq\dawn of war - soulstorm\soulstorm.exe (.not file.) O87 - FAEL: "TCP Query User{C28B611B-809A-439E-AA24-4693671856ED}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe (.not file.) O87 - FAEL: "UDP Query User{35EF8499-3CA4-43B4-9A7B-4AE492FFB965}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe (.not file.) O87 - FAEL: "{C22D7154-CA9A-4870-9F37-023AA7BA351E}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.) O87 - FAEL: "{19D24194-AE38-4322-8212-55207FF38BFC}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.) O87 - FAEL: "{76CEBD95-2072-49B8-8BA3-BEA201D88E9D}" | In - Public - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe O87 - FAEL: "{833C4168-9F1F-4C86-BB0D-CA6A7FE6C71B}" | In - Public - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe O87 - FAEL: "TCP Query User{D9D5EF40-4D83-4205-8744-79076479A64F}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\ubisoft\heroes of might and magic v - tribes O87 - FAEL: "UDP Query User{57B2D4F7-0C4E-49E6-9B86-2292532D9038}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\ubisoft\heroes of might and magic v - tribe O87 - FAEL: "{8312D59D-710D-4BFA-B983-17E9780C9783}" | In - Private - P6 - TRUE | .(.Monolith Productions, Inc. - F.E.A.R..) -- C:\Program Files\Sierra\FEARCombat\FEARMP.exe O87 - FAEL: "{71644499-4DDE-427E-AF3D-B042B78E0DCB}" | In - Private - P17 - TRUE | .(.Monolith Productions, Inc. - F.E.A.R..) -- C:\Program Files\Sierra\FEARCombat\FEARMP.exe O87 - FAEL: "{7B67770B-5AF6-4C58-9D80-65E6FD05D00D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (.not file.) O87 - FAEL: "{BE3F4F03-D2B8-4BA7-B5A0-570D1A71AAA6}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (.not file.) O87 - FAEL: "{55D4BF6D-0700-40DB-ACD0-B8EDC27B07A7}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O87 - FAEL: "{0BFE84DE-58BC-45E1-B81B-74BB5F38B8BD}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe (.not file.) O87 - FAEL: "{670487AB-7F7A-4CAF-B8F6-65C07F3C094E}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe (.not file.) O87 - FAEL: "{6E4A0FEF-3976-4A62-B8C7-4C8B288E4A0D}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe (.not file.) O87 - FAEL: "{7E4B9AE0-27F2-4C71-B778-1D4CCEA2644C}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\TSMAgent.exe (.not file.) O87 - FAEL: "{AF6971E2-00D0-4CFE-AB03-F879483288D7}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe (.not file.) O87 - FAEL: "{52491F82-B3E1-49CF-896F-E69CA166F490}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe O87 - FAEL: "{8FF70E9B-C9AD-4D78-8041-B8C108DD48C1}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.) O87 - FAEL: "{A60F6F60-ABB5-44B7-A8BC-59BEA7455B24}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.) O87 - FAEL: "{C2CD0F89-7731-436F-A70B-8881B0D84EB8}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe O87 - FAEL: "TCP Query User{F51BDF3E-E90A-4C8F-AE05-4EC07C1DD919}C:\program files\namco bandai games\warhammer® mark of chaos\warhammer.exe" | In - Public - P6 - TRUE | .(.Black Hole Entertainment.) -- C:\program files\namco bandai games\warhammer® mark O87 - FAEL: "UDP Query User{85446F0F-EDF7-4477-A3A7-57AB5C3A3721}C:\program files\namco bandai games\warhammer® mark of chaos\warhammer.exe" | In - Public - P17 - TRUE | .(.Black Hole Entertainment.) -- C:\program files\namco bandai games\warhammer® mark O87 - FAEL: "TCP Query User{C02D70A1-20EE-49BA-902D-47D23A95376A}F:\program files\spyware terminator\spywareterminatorupdate.exe" | In - Public - P6 - TRUE | .(.Crawler.com.) -- F:\program files\spyware terminator\spywareterminatorupdate.exe O87 - FAEL: "UDP Query User{286E1A0A-8F83-4BCA-B680-580F94CEBC97}F:\program files\spyware terminator\spywareterminatorupdate.exe" | In - Public - P17 - TRUE | .(.Crawler.com.) -- F:\program files\spyware terminator\spywareterminatorupdate.exe ~ Scan Firewall in 00mn 01s ---\\ Scan Additionnel (O88) Database Version : 8789 - (28/10/2011) Clés trouvées (Keys found) : 4 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\AppID\WMHelper.DLL] =>PUP.BearShare [HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}] =>PUP.iMesh [HKLM\Software\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}] =>Adware.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar] =>Toolbar.Agent [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent C:\Program Files\DAEMON Tools Toolbar =>Toolbar.Agent ~ Scan Additionnel in 00mn 06s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 25/05/2008 655360 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe SR - | Auto 06/09/2011 44768 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SS - | Demand 25/05/2008 165416 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe SS - | Demand 0 | (getPlus® Helper) . (...) - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe SS - | Auto 04/06/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 04/06/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - | Auto 25/05/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe SR - | Auto 10/06/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe SR - | Auto 09/10/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe SR - | Auto 19/09/2008 118784 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 08/10/2011 496128 | (sp_rssrv) . (.Crawler.com.) - F:\Program Files\Spyware Terminator\sp_rsser.exe SS - | Demand 03/05/2010 419624 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 00mn 07s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ Scan MBR in 00mn 09s ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 27/10/2011 - 13:20:14 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Windows\system32\drivers\pcouffin.sys [47360] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/10/2008 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [717296] ~ Scan Emulateurs in 00mn 11s End of the scan (1337 lines in 01mn 27s)(0)
-
Bonjour à tous, Après avoir lancé un scan au démarrage, avast a trouvé 3 menaces (WMA:Wimad[Drp], Java:Jade-C[Heur] et Ricsi-831) j'ai supprimé les objets infectés mais je voudrais être certain de m'être débarrassé de tout! J'ai lancé ZhpDiag tout à l'heure. Pourriez vous analyser le rapport suivant car je n'y connais rien et me donner la marche à suivre? merci d'avance! cordialement Rapport de ZHPDiag v1.28.2155 par Nicolas Coolman, Update du 28/10/2011 Run by Gro ian at 29/10/2011 13:31:09 Web site : ZHPDiag Outil de diagnostic State : Version à jour. ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox v3.6.23 (fr) (Defaut) GCIE: Google Chrome v15.0.874.106 ---\\ Windows Product Information Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK Windows Automatic Updates : OK ---\\ System Information ~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3070 MB (61% free) System Restore: Activé (Enable) System drive C: has 96 GB (33%) free of 287 GB ---\\ Logged in mode ~ Computer Name: GROTROLL ~ User Name: Gro ian ~ All Users Names: Gro ian, ASPNET, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Gro ian\AppData\Roaming\ ~ %Desktop% : C:\Users\Gro ian\Desktop\ ~ %Favorites% : C:\Users\Gro ian\Favorites\ ~ %LocalAppData% : C:\Users\Gro ian\AppData\Local\ ~ %StartMenu% : C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 96 Go of 287 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 11 Go) E:\ CD-ROM drive (Not Inserted) F:\ Hard drive, Flash drive, Thumb drive (Free 15 Go of 75 Go) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Not Inserted) I:\ Floppy drive, Flash card reader, USB Key (Not Inserted) J:\ CD-ROM drive (Not Inserted) K:\ Floppy drive, Flash card reader, USB Key (Not Inserted) M:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.21/10/2011 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.D3788D91530CFA005BD516189A4C676E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.23/10/2011 - 14:48:37.) -- C:\Windows\system32\wininet.dll [1126912] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/10/2011 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368] [MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.25/05/2008 - 21:22:10.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.09/10/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408] [MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:23:00.) -- C:\Windows\system32\drivers\atapi.sys [21560] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/10/2011 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.09/10/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/10/2011 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.09/10/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.21/10/2011 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/10/2011 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880] [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\drivers\rdpdr.sys [248832] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.21/10/2011 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.21/10/2011 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/23 ~ Mes musiques (My Musics) : 1/4 ~ Mes Videos (My Videos) : 1/4 ~ Mes Favoris (My Favorites) : 2/23 ~ Mes Documents (My Documents) : 1/176 ~ Mon Bureau (My Desktop) : 9/959 ~ Menu demarrer (Programs) : 7/29 ~ Scan Hidden Files in 00mn 00s ---\\ Processus lancés [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.2192] [MD5.D93985F5D87DF1A119E939EADB5C4B9E] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6266880] [PID.2216] [MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536] [PID.2236] [MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544] [PID.] [MD5.D2084C2112CBA266E08ED2A601E3C020] - (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [132624] [PID.2684] [MD5.731F68141C806BD2359FD878CD05C929] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808] [PID.2708] [MD5.BD18FB44B14911F41CA8695928C9D9A8] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200] [PID.2792] [MD5.E2B4488830B9F047930BB5FE0E4FD71B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3722416] [PID.2808] [MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.2840] [MD5.2AA60514B683F15CF484C4A9F21C3425] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [273528] [PID.2940] [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2960] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3012] [MD5.36D773CBEA37AB24966963A9B4891227] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe [490952] [PID.3048] [MD5.335FB5B236227217E54269FA85A1B27D] - (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe [679936] [PID.3096] [MD5.009811BD21D0BD7BA5C7765565505764] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088] [PID.3108] [MD5.480B8218CAC947DB5F32D126FAE2BACD] - (.Crawler.com - Spyware Terminator Update Support.) -- F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3318784] [PID.3228] [MD5.45D1648724123669962DBA211D2C64AA] - (.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe [5308416] [PID.3268] [MD5.D9335549EAE48B14FB66EFCB6FFAE736] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360] [PID.3296] [MD5.FE4F7AADAB104194D899E5B8B8B51CF0] - (.OpenOffice.org - OpenOffice.org 2.4.) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.exe [2363392] [PID.3352] [MD5.A1E80D64FCD01CD6AD83CCC46051366F] - (.OpenOffice.org - OpenOffice.org 2.4.) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN [2580480] [PID.3600] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4196] [MD5.B70278D1459A677639D51892160FD365] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [184320] [PID.4384] [MD5.7E04B1ADE140F483A6581461568D8D9C] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [610304] [PID.4420] [MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.4456] [MD5.7CAC10A1C258DFCB5ADE563BAE6D2F15] - (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\kbd\kbd.exe [67128] [PID.4472] [MD5.B6FDDDAB3A8C94CC5B47B6F6C596F9FC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344] [PID.5228] [MD5.4E8A14EB0F88199F8B8D5D55B3A17B5E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.3712] [MD5.9F323EEAFAD860204EAA0630E0A3D7F9] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [696320] [PID.5316] [MD5.E0A2DC5D912DD50F9190A6B38110A513] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.1.) -- C:\Windows\system32\nvvsvc.exe [118784] [PID.] [MD5.F81CAC1FFAC56A997E0EA750BDB30B03] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [655360] [PID.] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.] [MD5.C76769F246250EDAD34A5581419E9D60] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768] [PID.] [MD5.1117AF8C53AA278A4C5B7EF1B00E08F4] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.] [MD5.DFEFF67508D3A9AEB1A85D7B0F513B24] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.] [MD5.642180B8F50E7FC1FBAF87C718E259D6] - (.Crawler.com - Spyware Terminator Realtime Shield 32-bit S.) -- F:\Program Files\Spyware Terminator\sp_rsser.exe [496128] [PID.] [MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904] [PID.] [MD5.CB383AB0B8BA871D893B86D3C9A3ED9F] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208] [PID.] ~ Scan Processes Running in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Gro ian\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep v.6.0.1289 (Activé) G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.5 (Activé) ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Gro ian\AppData\Roaming\Mozilla\Firefox\Profiles\5lqhjf02.default\prefs.js C:\Users\Gro ian\AppData\Roaming\Mozilla\Firefox\Profiles\5lqhjf02.default\user.js M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\support@daemon-tools.cc M0 - MFSP: prefs.js [Gro ian - 5lqhjf02.default] Réseau Voltaire M2 - MFEP: prefs.js [Gro ian - 5lqhjf02.default\illimitux@illimitux.net] [illimitux] Illimitux v4.0 (.http://www.illimitux.net/.) M2 - MFEP: prefs.js [Gro ian - 5lqhjf02.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.) M2 - MFEP: prefs.js [Gro ian - 5lqhjf02.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.1.1.20091029021655 (.Yahoo!.) P2 - FPN:Firefox Plugin Navigator . (.Macromedia, Inc. - Macromedia Shockwave for Director Netscape plug-in, version 8.5.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.669.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_29 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.669] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.669] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=12.0.1.669] - (.RealNetworks, Inc. - RealNetworks RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserre P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.669] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.669] - (.RealNetworks, Inc. - 12.0.1.669.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=0.9.2] - (.the VideoLAN Team - Version 0.9.2, copyright 1996-2008 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Jumpstation R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Jumpstation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} . (.Pas de propriétaire - ToolBand Module.) -- C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] . (...) -- C:\HP\KBD\KbdStub.exe O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll O4 - HKLM\..\Run: [sMSTray] . (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [hpqSRMon] Clé orpheline O4 - HKLM\..\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe O4 - HKCU\..\Run: [Windows] . (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe O4 - HKCU\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe O4 - HKCU\..\Run: [spywareTerminatorUpdate] . (.Crawler.com - Spyware Terminator Update Support.) -- F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe O4 - HKCU\..\Run: [eMuleAutoStart] . (.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [Windows] . (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [spywareTerminatorUpdate] . (.Crawler.com - Spyware Terminator Update Support.) -- F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [eMuleAutoStart] . (.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk . (.CyberLink.) -- C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk . (...) -- C:\Program Files\foobar2000\foobar2000.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung PC Studio 3.lnk . (...) -- C:\Program Files\Samsung\Samsung PC Studio 3\Launcher.exe O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.1.) - C:\Windows\system32\nvvsvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) . (.Crawler.com - Spyware Terminator Realtime Shield 32-bit S.) - F:\Program Files\Spyware Terminator\sp_rsser.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.874B6089DB177C2C9F2029CB5199373F] [APT] [RealUpgradeLogonTaskS-1-5-21-2514959625-1822713593-4122749096-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [MD5.874B6089DB177C2C9F2029CB5199373F] [APT] [RealUpgradeScheduledTaskS-1-5-21-2514959625-1822713593-4122749096-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [MD5.53752C90C56CA5B260827E47762BA3B8] [APT] [RecoveryCD] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe [MD5.EA20D863A09D2C39A4E35D6D761236FE] [APT] [{0C6688EF-D347-411E-8D8B-EA3EBB2C56B0}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe [MD5.00000000000000000000000000000000] [APT] [{19B45A6F-2A6C-47B1-B674-4D404388DBCA}] (...) -- c:\Users\Gro ian\Downloads\avira_antivirus_personal_fr(2).exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{40FEDDC2-70EB-44A6-A327-EF09E2BBFDEF}] (...) -- c:\Users\Gro ian\Downloads\avira_antivirus_personal_fr.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{E5692892-047B-4551-9E86-6C189EBB8568}] (...) -- c:\Users\Gro ian\Downloads\avira_antivir_personal_fr.exe (.not file.) [MD5.61D3771702DE72053FEE2A98F213A030] [APT] [scheduled Maintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [MD5.EFB0FCD1CD300E5708E73230D91D6532] [APT] [scheduled Maintenance Swap] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe ~ Scan Scheduled Task in 00mn 03s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader 9.4.6 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001} O42 - Logiciel: ArmyCalc's Eye version 1.0 beta - (.Pas de propriétaire.) [HKLM] -- ArmyCalc's Eye_is1 O42 - Logiciel: BioShock 2 - (.2K Games.) [HKLM] -- {4A8B461A-9336-4CF9-98F4-14DD38E673F0} O42 - Logiciel: C-Dilla Licence Management System - (.Pas de propriétaire.) [HKLM] -- LMS O42 - Logiciel: ContentSAFER for Wizmax - (.Pas de propriétaire.) [HKLM] -- {C19BE821-89B1-4A96-AC7C-873810C0CB5F} O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: DAEMON Tools Toolbar - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Toolbar O42 - Logiciel: DivxToDVD 0.5.2 - (.VSO-Software SARL.) [HKLM] -- VSO DivxToDVD_is1 O42 - Logiciel: Editeur Handling GTA-SA v2.0 - (.Pas de propriétaire.) [HKLM] -- Editeur Handling GTA-SA v2.0 O42 - Logiciel: FEARCombat - (.Vivendi Universal Games, Inc..) [HKLM] -- {75E607CF-7BAE-4B88-84B3-97F3DF44BA28} O42 - Logiciel: Freeplayer - (.Free.) [HKLM] -- Freeplayer O42 - Logiciel: GIMP 2.6.7 - (.Pas de propriétaire.) [HKLM] -- WinGimp-2.0_is1 O42 - Logiciel: GTASA-Ultimate Editor - (.Pas de propriétaire.) [HKLM] -- ST6UNST #1 O42 - Logiciel: Ghostbusters : The Video Game - (.Atari.) [HKLM] -- InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Grand Theft Auto IV - (.Rockstar Games.) [HKLM] -- {579BA58C-F33D-4970-9953-B94B43768AC3} O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {E0810CC2-4B5B-4439-B1D0-452306AF2D64} O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {73A43E42-3658-4DD9-8551-FACDA3632538} O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {C27C82E4-9C53-4D76-9ED3-A01A3D5EE679} O42 - Logiciel: HP Customer Feedback - (.Hewlett-Packard.) [HKLM] -- {9DBA770F-BF73-4D39-B1DF-6035D95268FC} O42 - Logiciel: HP Customer Participation Program 10.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {E1476612-02D6-42A3-BDC1-E292B4115738} O42 - Logiciel: HP Imaging Device Functions 10.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3 - (.HP.) [HKLM] -- {FF1F4E8E-A833-4c4b-A14A-45D5B841B5D8} O42 - Logiciel: HP Photosmart Essential 2.5 - (.HP.) [HKLM] -- HP Photosmart Essential O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B} O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3} O42 - Logiciel: Hewlett-Packard Active Check for Health Check - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E} O42 - Logiciel: Hewlett-Packard Asset Agent for Health Check - (.HP.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Java 6 Update 29 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF} O42 - Logiciel: Java 6 Update 4 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160040} O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070} O42 - Logiciel: Java SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {7F10292C-A190-4176-A665-A1ED3478DF86} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2572067) - (.Pas de propriétaire.) [HKLM] -- M2572067 O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft Combat Flight Simulator - (.Pas de propriétaire.) [HKLM] -- Combat Flight Simulator 1.00 O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77} O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {00C5F4F4-62F9-40D7-8000-AD8A9CD0C669} O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox (3.6.23) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.23) O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: OCR Software by I.R.I.S. 10.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL O42 - Logiciel: OpenOffice.org 2.4 - (.OpenOffice.org.) [HKLM] -- {A122962F-331A-4C2E-93DB-AD92D8A4FB14} O42 - Logiciel: OpenOffice.org 2.4 Language Pack (Français) - (.OpenOffice.org.) [HKLM] -- {D2BE6521-F81C-4EC6-8887-A8BBC0B0786B} O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: Python 2.5 - (.Martin v. Löwis.) [HKLM] -- {0A2C5854-557E-48C8-835A-3B9F074BDCAA} O42 - Logiciel: QuarkXPress - (.Quark Inc..) [HKLM] -- {706EA4A8-97B5-4C29-A0F3-0B38C666F0C4} O42 - Logiciel: RarZilla Free Unrar 2.52 - (.Philipp Winterberg.) [HKLM] -- RarZilla Free Unrar 2.52 O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2005 Runtime - (.RealNetworks.) [HKLM] -- {026C3D27-9BE1-46BE-BEAE-6DE38A0F4FBE} O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA} O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0 O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: SFV Checker - (.Pas de propriétaire.) [HKLM] -- {C9736F27-3CFC-4AF9-B2A7-5B1A54B1A84F} O42 - Logiciel: Samsung Media Studio 5 - (.Samsung.) [HKLM] -- {C20CE592-B0F8-4D20-BF31-0151CA6331A6} O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97} O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} O42 - Logiciel: San Andreas Mod Installer - (.cpmusick.) [HKLM] -- San Andreas Mod Installer1.1 O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: Shockwave - (.Pas de propriétaire.) [HKLM] -- Shockwave O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies O42 - Logiciel: SimpleOCR 3.1 - (.Pas de propriétaire.) [HKLM] -- SimpleOCR 3.1 O42 - Logiciel: Skype web features - (.Skype Technologies S.A..) [HKLM] -- {541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} O42 - Logiciel: Skype™ 4.1 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36} O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM] -- KBD O42 - Logiciel: Steam - (.Valve.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3} O42 - Logiciel: The Forge - (.Pas de propriétaire.) [HKLM] -- The Forge O42 - Logiciel: The KMPlayer (remove only) - (.Pas de propriétaire.) [HKLM] -- The KMPlayer O42 - Logiciel: Universalis 9 - (.Pas de propriétaire.) [HKLM] -- {88872E86-59A5-4213-A609-FDCFA4D9BEA6} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523 O42 - Logiciel: Utilitaires Sierra - (.Pas de propriétaire.) [HKLM] -- Utilitaires Sierra O42 - Logiciel: VLC media player 0.9.2 - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: VSO CopyToDVD 4 - (.VSO Software.) [HKLM] -- {870F1750-BA89-11DA-A94D-0800200C9A66}_is1 O42 - Logiciel: Warhammer® Mark of Chaos - (.NAMCO BANDAI Games.) [HKLM] -- {5F374D5D-DB43-4263-9C29-BAB2C93FEFE6} O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast O42 - Logiciel: bfgscreen Screen Saver - (.Pas de propriétaire.) [HKLM] -- bfgscreen O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule O42 - Logiciel: foobar2000 v1.0.3 - (.Peter Pawlowski.) [HKLM] -- foobar2000 O42 - Logiciel: muvee autoProducer 6.1 - (.muvee Technologies.) [HKLM] -- {FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8} O42 - Logiciel: ratDVD 0.78.1444 - (.ratDVD.) [HKLM] -- ratDVD O42 - Logiciel: sp44626 - (.Hewlett-Packard.) [HKLM] -- sp44626 ---\\ HKCU & HKLM Software Keys [HKCU\Software\ALWIL Software] [HKCU\Software\AOL] [HKCU\Software\ATI] [HKCU\Software\AVAST Software] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Binary Noise] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\Digital River] [HKCU\Software\DivXNetworks] [HKCU\Software\Encyclopaedia-Universalis] [HKCU\Software\Freeplayer] [HKCU\Software\GTAGarage] [HKCU\Software\Gabest] [HKCU\Software\GameSpy] [HKCU\Software\Google] [HKCU\Software\HP Guide] [HKCU\Software\Hewlett-Packard] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\KMPlayer] [HKCU\Software\Leadertech] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept (Muvee)] [HKCU\Software\MainConcept] [HKCU\Software\Micromega Software System] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NOS] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\NamcoBandai] [HKCU\Software\Netscape] [HKCU\Software\OpenOffice.org] [HKCU\Software\Philipp Winterberg] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Quark] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\SFX TEAM] [HKCU\Software\Samsung Media Studio] [HKCU\Software\Samsung PC Studio] [HKCU\Software\Samsung] [HKCU\Software\SecuROM] [HKCU\Software\Skype] [HKCU\Software\SoftVTU] [HKCU\Software\Softthinks] [HKCU\Software\Spyware Terminator] [HKCU\Software\THQ] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Valve] [HKCU\Software\Vso] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Winamp] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\eMule] [HKCU\Software\muvee Technologies] [HKCU\Software\ratDVD] [HKCU\Software\yahooinstall] [HKLM\Software\2K Games] [HKLM\Software\ALWIL Software] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\AVAST Software] [HKLM\Software\Adobe] [HKLM\Software\America Online] [HKLM\Software\AppForge] [HKLM\Software\Atari] [HKLM\Software\Bohemia Interactive Studio] [HKLM\Software\C-Dilla] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DIOC] [HKLM\Software\DT Soft] [HKLM\Software\Debug] [HKLM\Software\EasyBits] [HKLM\Software\Encyclopaedia-Universalis] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LightScribe] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\MarkAny] [HKLM\Software\Matrix Games] [HKLM\Software\Micromega Software System] [HKLM\Software\Monolith Productions] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\MusicNet] [HKLM\Software\NAMCO BANDAI Games] [HKLM\Software\NOS] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NamcoBandai] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\PC-Doctor] [HKLM\Software\Philipp Winterberg] [HKLM\Software\PocketSoft] [HKLM\Software\Policies] [HKLM\Software\Quark] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Rockstar Games] [HKLM\Software\SAMI] [HKLM\Software\SEGA] [HKLM\Software\SRS Labs] [HKLM\Software\Samsung Electronics Co., Ltd.] [HKLM\Software\Samsung] [HKLM\Software\Sierra OnLine] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\Spyware Terminator] [HKLM\Software\Sun Microsystems] [HKLM\Software\Symantec] [HKLM\Software\THQ] [HKLM\Software\Total War] [HKLM\Software\Traction Software] [HKLM\Software\VSO] [HKLM\Software\Valve] [HKLM\Software\VideoLAN] [HKLM\Software\VodeiMPAVI] [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\WildTangent] [HKLM\Software\Wilson WindowWare] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\Yahoo] [HKLM\Software\mozilla.org] [HKLM\Software\muvee Technologies] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 23/02/2010 - 01:34:10 - [9726800104] ----D- C:\Program Files\2K Games O43 - CFD: 22/03/2010 - 01:17:16 - [36774748] ----D- C:\Program Files\ACE O43 - CFD: 08/10/2011 - 12:44:24 - [162985646] ----D- C:\Program Files\Adobe O43 - CFD: 19/09/2008 - 19:20:06 - [0] ----D- C:\Program Files\Alwil Software O43 - CFD: 28/12/2009 - 22:05:02 - [11637630252] ----D- C:\Program Files\Atari O43 - CFD: 08/10/2011 - 12:35:12 - [233894048] ----D- C:\Program Files\AVAST Software O43 - CFD: 27/10/2011 - 11:27:44 - [430876514] ----D- C:\Program Files\Common Files O43 - CFD: 25/05/2008 - 12:49:28 - [734177944] ----D- C:\Program Files\CyberLink O43 - CFD: 09/10/2008 - 01:17:10 - [5224196] ----D- C:\Program Files\DAEMON Tools Lite O43 - CFD: 09/10/2008 - 01:17:10 - [2776033] ----D- C:\Program Files\DAEMON Tools Toolbar O43 - CFD: 25/05/2008 - 12:59:18 - [69636367] ----D- C:\Program Files\EasyBits For Kids O43 - CFD: 14/03/2009 - 19:32:54 - [6716849] ----D- C:\Program Files\Editeur Handling GTA-SA O43 - CFD: 21/09/2008 - 19:51:18 - [11210932] ----D- C:\Program Files\eMule O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 01/05/2010 - 01:17:00 - [8543004] ----D- C:\Program Files\foobar2000 O43 - CFD: 24/09/2008 - 21:59:26 - [33283418] ----D- C:\Program Files\Freeplayer O43 - CFD: 02/12/2009 - 06:05:28 - [87124142] ----D- C:\Program Files\GIMP-2.0 O43 - CFD: 04/06/2010 - 19:07:10 - [276709277] ----D- C:\Program Files\Google O43 - CFD: 16/03/2009 - 10:47:36 - [248251] ----D- C:\Program Files\Gta Save O43 - CFD: 27/08/2009 - 19:52:06 - [5039176] ----D- C:\Program Files\GTA4MODS.com O43 - CFD: 16/03/2009 - 10:16:02 - [636167] ----D- C:\Program Files\GTASA-Ultimate Editor O43 - CFD: 24/12/2009 - 23:58:48 - [142429656] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 22/10/2011 - 20:43:58 - [256300102] ----D- C:\Program Files\HP O43 - CFD: 25/05/2008 - 12:58:54 - [493988158] ----D- C:\Program Files\HP Games O43 - CFD: 03/05/2010 - 14:05:44 - [155893613] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 10/06/2009 - 16:41:32 - [50343759] ----D- C:\Program Files\Intel O43 - CFD: 23/10/2011 - 16:37:22 - [5391567] ----D- C:\Program Files\Internet Explorer O43 - CFD: 21/10/2011 - 11:49:36 - [326569139] ----D- C:\Program Files\Java O43 - CFD: 20/03/2009 - 17:04:32 - [1827624] ----D- C:\Program Files\MarkAny O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games O43 - CFD: 22/02/2010 - 23:14:54 - [9281414] ----D- C:\Program Files\Microsoft Games for Windows - LIVE O43 - CFD: 19/09/2008 - 18:54:44 - [28429690] ----D- C:\Program Files\Microsoft Office O43 - CFD: 19/09/2008 - 20:01:58 - [152968] ----D- C:\Program Files\Microsoft Works O43 - CFD: 21/10/2011 - 20:38:34 - [15715] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 21/10/2011 - 20:29:46 - [99342446] ----D- C:\Program Files\Movie Maker O43 - CFD: 08/10/2011 - 19:10:36 - [82751554] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 09/10/2011 - 19:09:58 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 25/05/2008 - 12:50:04 - [155052528] ----D- C:\Program Files\muvee Technologies O43 - CFD: 03/05/2010 - 14:05:46 - [4545451502] ----D- C:\Program Files\NAMCO BANDAI Games O43 - CFD: 31/07/2009 - 09:34:24 - [0] ----D- C:\Program Files\NOS O43 - CFD: 24/10/2009 - 20:07:30 - [3052112] R---D- C:\Program Files\Online Services O43 - CFD: 01/03/2009 - 21:42:44 - [782336] ----D- C:\Program Files\OpenAL O43 - CFD: 19/09/2008 - 22:20:24 - [345051443] ----D- C:\Program Files\OpenOffice.org 2.4 O43 - CFD: 25/05/2008 - 13:07:08 - [87416588] ----D- C:\Program Files\PC-Doctor 5 for Windows O43 - CFD: 01/12/2009 - 20:58:34 - [462446712] ----D- C:\Program Files\Quark O43 - CFD: 21/09/2008 - 19:52:02 - [1765114] ----D- C:\Program Files\RarZilla Free Unrar O43 - CFD: 11/11/2008 - 00:14:58 - [9004657] ----D- C:\Program Files\ratDVD O43 - CFD: 25/10/2011 - 10:23:30 - [133820951] ----D- C:\Program Files\Real O43 - CFD: 25/05/2008 - 12:40:48 - [62844252] ----D- C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 12/04/2010 - 00:46:56 - [0] ----D- C:\Program Files\Rockstar Games O43 - CFD: 05/04/2010 - 17:28:12 - [214186562] ----D- C:\Program Files\Samsung O43 - CFD: 16/03/2009 - 01:54:40 - [3461724] ----D- C:\Program Files\San Andreas Mod Installer O43 - CFD: 12/06/2009 - 22:35:30 - [3775462563] ----D- C:\Program Files\Sierra O43 - CFD: 17/10/2011 - 17:04:36 - [32] ----D- C:\Program Files\Sierra On-Line O43 - CFD: 07/10/2008 - 18:31:26 - [25280966] ----D- C:\Program Files\SimpleOCR O43 - CFD: 26/07/2009 - 21:25:42 - [35821657] R---D- C:\Program Files\Skype O43 - CFD: 19/09/2008 - 19:34:06 - [1716] ----D- C:\Program Files\Sports Interactive O43 - CFD: 29/10/2011 - 13:17:10 - [139480002] ----D- C:\Program Files\Steam O43 - CFD: 28/09/2008 - 11:08:14 - [22640] ----D- C:\Program Files\SuperCopier2 O43 - CFD: 03/10/2008 - 17:23:02 - [46575431] ----D- C:\Program Files\The KMPlayer O43 - CFD: 14/06/2009 - 14:31:12 - [13416496] ----D- C:\Program Files\THQ O43 - CFD: 18/10/2008 - 17:06:48 - [1721850] ----D- C:\Program Files\Traction Software O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 22/02/2009 - 03:36:40 - [4419897009] ----D- C:\Program Files\Universalis 9 O43 - CFD: 19/09/2008 - 22:31:40 - [50104454] ----D- C:\Program Files\VideoLAN O43 - CFD: 27/10/2011 - 14:19:56 - [126747722] ----D- C:\Program Files\vso O43 - CFD: 21/10/2011 - 20:29:46 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 21/10/2011 - 20:29:44 - [2737152] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 21/10/2011 - 20:29:44 - [4490624] ----D- C:\Program Files\Windows Defender O43 - CFD: 21/10/2011 - 20:29:44 - [7084664] ----D- C:\Program Files\Windows Journal O43 - CFD: 23/10/2011 - 11:05:32 - [9116344] ----D- C:\Program Files\Windows Mail O43 - CFD: 21/10/2011 - 20:29:44 - [4498121] ----D- C:\Program Files\Windows Media Player O43 - CFD: 19/09/2008 - 18:48:42 - [7957544] ----D- C:\Program Files\Windows NT O43 - CFD: 21/10/2011 - 20:29:44 - [13528738] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 23/10/2011 - 11:05:34 - [134144] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 21/10/2011 - 20:29:46 - [6674851] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 22/02/2010 - 22:53:44 - [3726887] ----D- C:\Program Files\WinRAR O43 - CFD: 04/10/2008 - 17:13:36 - [175] --H-D- C:\Program Files\Zero G Registry O43 - CFD: 29/10/2011 - 13:31:14 - [4244456] ----D- C:\Program Files\ZHPDiag O43 - CFD: 08/10/2011 - 12:44:46 - [6347682] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 19/09/2008 - 19:02:28 - [469525] ----D- C:\Program Files\Common Files\Hewlett-Packard O43 - CFD: 21/12/2009 - 01:00:02 - [5280332] ----D- C:\Program Files\Common Files\HP O43 - CFD: 25/05/2008 - 13:04:40 - [10110139] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 21/10/2011 - 11:50:22 - [47526965] ----D- C:\Program Files\Common Files\Java O43 - CFD: 09/10/2009 - 19:09:32 - [32098366] ---AD- C:\Program Files\Common Files\LightScribe O43 - CFD: 25/05/2008 - 12:49:34 - [56683] ---AD- C:\Program Files\Common Files\LS Getting Started O43 - CFD: 22/02/2010 - 23:21:44 - [222154713] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 25/05/2008 - 12:50:04 - [49413198] ----D- C:\Program Files\Common Files\muvee Technologies O43 - CFD: 27/10/2011 - 11:27:44 - [4346720] ----D- C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 25/10/2011 - 10:22:58 - [0] ----D- C:\Program Files\Common Files\Real O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 26/07/2009 - 21:25:10 - [1959208] ----D- C:\Program Files\Common Files\Skype O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 23/10/2011 - 15:41:34 - [419624] ----D- C:\Program Files\Common Files\Steam O43 - CFD: 19/09/2008 - 20:09:36 - [498856] ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD: 21/10/2011 - 20:29:44 - [8737810] ----D- C:\Program Files\Common Files\System O43 - CFD: 25/10/2011 - 10:23:28 - [352256] ----D- C:\Program Files\Common Files\xing shared O43 - CFD: 08/10/2011 - 12:44:44 - [763] ----D- C:\ProgramData\Adobe O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 25/05/2008 - 12:42:36 - [2893592] ----D- C:\ProgramData\ATI O43 - CFD: 08/10/2011 - 12:35:12 - [6499190] ----D- C:\ProgramData\AVAST Software O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 29/09/2008 - 21:21:26 - [4243] ----D- C:\ProgramData\CyberLink O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 21/09/2008 - 20:05:22 - [0] ----D- C:\ProgramData\eMule O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 24/12/2009 - 23:59:24 - [1089335] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 25/12/2009 - 00:08:20 - [18368758] ----D- C:\ProgramData\HP O43 - CFD: 25/12/2009 - 00:03:54 - [8988] ----D- C:\ProgramData\HP Product Assistant O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 10/10/2008 - 00:41:12 - [236586863] -S--D- C:\ProgramData\Microsoft O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 25/05/2008 - 12:50:04 - [4460] ----D- C:\ProgramData\muvee Technologies O43 - CFD: 28/08/2009 - 14:10:48 - [26596640] ----D- C:\ProgramData\NOS O43 - CFD: 19/09/2008 - 19:30:34 - [189051] ----D- C:\ProgramData\NVIDIA O43 - CFD: 25/05/2008 - 12:55:10 - [1235] ----D- C:\ProgramData\PC-Doctor O43 - CFD: 25/05/2008 - 12:55:10 - [1991680] ----D- C:\ProgramData\PC-Doctor 5 for Windows O43 - CFD: 01/12/2009 - 20:58:34 - [166348] ----D- C:\ProgramData\Quark O43 - CFD: 21/10/2011 - 11:25:14 - [1657586] ----D- C:\ProgramData\Real O43 - CFD: 22/02/2010 - 23:22:48 - [19984] -SH-D- C:\ProgramData\SecuROM O43 - CFD: 26/07/2009 - 21:25:08 - [25777757] ----D- C:\ProgramData\Skype O43 - CFD: 28/10/2011 - 14:26:06 - [88243642] ----D- C:\ProgramData\Spyware Terminator O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 27/04/2010 - 22:36:26 - [191] ----D- C:\ProgramData\Sun O43 - CFD: 19/09/2008 - 20:06:28 - [2746] ----D- C:\ProgramData\Symantec O43 - CFD: 27/10/2011 - 15:28:04 - [36864] ---AD- C:\ProgramData\Temp O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 27/10/2011 - 16:40:32 - [387] ----D- C:\ProgramData\Vso O43 - CFD: 19/09/2008 - 19:12:20 - [243] ----D- C:\ProgramData\WEBREG O43 - CFD: 15/10/2011 - 19:22:44 - [1225108720] ----D- C:\ProgramData\WildTangent O43 - CFD: 21/09/2008 - 21:17:32 - [1665879] ----D- C:\Users\Gro ian\AppData\Roaming\Adobe O43 - CFD: 19/09/2008 - 18:58:18 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\ATI O43 - CFD: 29/10/2011 - 13:19:42 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Avira O43 - CFD: 08/10/2011 - 00:44:00 - [48593381] ----D- C:\Users\Gro ian\AppData\Roaming\Bioshock2 O43 - CFD: 20/03/2009 - 21:16:48 - [20] ----D- C:\Users\Gro ian\AppData\Roaming\CyberLink O43 - CFD: 09/10/2008 - 01:11:58 - [1382] ----D- C:\Users\Gro ian\AppData\Roaming\DAEMON Tools O43 - CFD: 20/03/2009 - 17:04:34 - [107050] ----D- C:\Users\Gro ian\AppData\Roaming\DataCast O43 - CFD: 27/10/2011 - 15:26:58 - [631] ----D- C:\Users\Gro ian\AppData\Roaming\dvdcss O43 - CFD: 21/09/2008 - 19:51:18 - [4862] ----D- C:\Users\Gro ian\AppData\Roaming\eMule O43 - CFD: 10/10/2011 - 15:24:58 - [5061849] ----D- C:\Users\Gro ian\AppData\Roaming\foobar2000 O43 - CFD: 20/06/2009 - 07:22:20 - [329437] ----D- C:\Users\Gro ian\AppData\Roaming\Hewlett-Packard O43 - CFD: 07/10/2008 - 18:35:42 - [251556] ----D- C:\Users\Gro ian\AppData\Roaming\HP O43 - CFD: 07/02/2010 - 20:58:44 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\HPAppData O43 - CFD: 22/10/2011 - 20:46:58 - [18625] ----D- C:\Users\Gro ian\AppData\Roaming\HpUpdate O43 - CFD: 19/09/2008 - 18:57:34 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Identities O43 - CFD: 19/09/2008 - 18:52:00 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\InstallShield O43 - CFD: 16/05/2009 - 11:05:10 - [379] ----D- C:\Users\Gro ian\AppData\Roaming\Leadertech O43 - CFD: 19/09/2008 - 18:53:16 - [3897407] ----D- C:\Users\Gro ian\AppData\Roaming\Macromedia O43 - CFD: 07/10/2008 - 19:06:54 - [6924] ----D- C:\Users\Gro ian\AppData\Roaming\Magic Academy O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Media Center Programs O43 - CFD: 28/10/2011 - 12:53:20 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Media Player Classic O43 - CFD: 14/06/2009 - 14:31:54 - [3018979] -S--D- C:\Users\Gro ian\AppData\Roaming\Microsoft O43 - CFD: 27/08/2009 - 13:16:20 - [4274645] ----D- C:\Users\Gro ian\AppData\Roaming\Mozilla O43 - CFD: 10/10/2011 - 15:15:02 - [5632] ----D- C:\Users\Gro ian\AppData\Roaming\muvee Technologies O43 - CFD: 29/10/2011 - 13:17:52 - [2832008] ----D- C:\Users\Gro ian\AppData\Roaming\OpenOffice.org2 O43 - CFD: 01/12/2009 - 21:01:24 - [48770] ----D- C:\Users\Gro ian\AppData\Roaming\Quark O43 - CFD: 27/10/2011 - 11:29:54 - [53435062] ----D- C:\Users\Gro ian\AppData\Roaming\Real O43 - CFD: 05/04/2010 - 17:36:52 - [2411799] ----D- C:\Users\Gro ian\AppData\Roaming\Samsung O43 - CFD: 25/06/2009 - 01:40:18 - [11777] R-H-D- C:\Users\Gro ian\AppData\Roaming\SecuROM O43 - CFD: 12/08/2009 - 21:55:58 - [1331916] ----D- C:\Users\Gro ian\AppData\Roaming\Skype O43 - CFD: 12/08/2009 - 18:26:46 - [42456] ----D- C:\Users\Gro ian\AppData\Roaming\skypePM O43 - CFD: 08/02/2009 - 19:24:46 - [10888344] ----D- C:\Users\Gro ian\AppData\Roaming\Sports Interactive O43 - CFD: 28/10/2011 - 13:00:04 - [316419] ----D- C:\Users\Gro ian\AppData\Roaming\Spyware Terminator O43 - CFD: 19/09/2008 - 18:58:16 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Symantec O43 - CFD: 24/09/2008 - 21:59:40 - [750956] ----D- C:\Users\Gro ian\AppData\Roaming\vlc O43 - CFD: 27/10/2011 - 16:40:32 - [15420] ----D- C:\Users\Gro ian\AppData\Roaming\Vso O43 - CFD: 19/09/2008 - 21:08:28 - [715] ----D- C:\Users\Gro ian\AppData\Roaming\WildTangent O43 - CFD: 10/06/2009 - 16:40:36 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\WinBatch O43 - CFD: 22/02/2010 - 22:54:14 - [12] ----D- C:\Users\Gro ian\AppData\Roaming\WinRAR O43 - CFD: 08/10/2011 - 12:44:12 - [5848099] ----D- C:\Users\Gro ian\AppData\Local\Adobe O43 - CFD: 19/09/2008 - 18:50:46 - [0] -SH-D- C:\Users\Gro ian\AppData\Local\Application Data O43 - CFD: 15/10/2011 - 19:22:46 - [4381] ----D- C:\Users\Gro ian\AppData\Local\ApplicationHistory O43 - CFD: 01/03/2009 - 21:43:08 - [1611] ----D- C:\Users\Gro ian\AppData\Local\ArmA O43 - CFD: 19/09/2008 - 18:58:18 - [28955] ----D- C:\Users\Gro ian\AppData\Local\ATI O43 - CFD: 21/09/2008 - 19:51:18 - [33396618] ----D- C:\Users\Gro ian\AppData\Local\eMule O43 - CFD: 28/12/2009 - 23:58:40 - [3485] ----D- C:\Users\Gro ian\AppData\Local\GHOSTBUSTERS O43 - CFD: 04/06/2010 - 19:09:58 - [5972628] ----D- C:\Users\Gro ian\AppData\Local\Google O43 - CFD: 20/09/2008 - 19:15:06 - [5262] ----D- C:\Users\Gro ian\AppData\Local\Hewlett-Packard O43 - CFD: 19/09/2008 - 18:50:46 - [0] -SH-D- C:\Users\Gro ian\AppData\Local\Historique O43 - CFD: 07/10/2008 - 18:15:54 - [4597110] ----D- C:\Users\Gro ian\AppData\Local\HP O43 - CFD: 22/06/2010 - 21:06:00 - [69254356] ----D- C:\Users\Gro ian\AppData\Local\Microsoft O43 - CFD: 20/09/2008 - 20:38:28 - [1631441] ----D- C:\Users\Gro ian\AppData\Local\Microsoft Games O43 - CFD: 10/10/2008 - 00:39:58 - [39143] ----D- C:\Users\Gro ian\AppData\Local\MigWiz O43 - CFD: 19/09/2008 - 19:21:06 - [48670864] ----D- C:\Users\Gro ian\AppData\Local\Mozilla O43 - CFD: 01/12/2009 - 21:01:24 - [312146] ----D- C:\Users\Gro ian\AppData\Local\Quark O43 - CFD: 11/11/2008 - 00:15:02 - [1867] ----D- C:\Users\Gro ian\AppData\Local\ratDVD O43 - CFD: 04/06/2010 - 19:07:58 - [0] ----D- C:\Users\Gro ian\AppData\Local\Real O43 - CFD: 10/02/2010 - 04:00:50 - [5938696] ----D- C:\Users\Gro ian\AppData\Local\Rockstar Games O43 - CFD: 29/10/2011 - 13:30:06 - [75838] ----D- C:\Users\Gro ian\AppData\Local\Temp O43 - CFD: 19/09/2008 - 18:50:46 - [0] -SH-D- C:\Users\Gro ian\AppData\Local\Temporary Internet Files O43 - CFD: 07/10/2008 - 18:19:10 - [1144934035] ----D- C:\Users\Gro ian\AppData\Local\VirtualStore O43 - CFD: 03/05/2010 - 15:00:44 - [44941] ----D- C:\Users\Gro ian\AppData\Local\Warhammer Mark of Chaos ~ Scan Program Folder in 00mn 24s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.9CCC90E8837186EFAC7906FDE941B123] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [144430] O44 - LFC:[MD5.DF8710BC7D45337837437DD7945DB515] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfc009.dat [784446] O44 - LFC:[MD5.984A6944012B9779B4999D6EC706FD3C] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [39692] O44 - LFC:[MD5.D2C935BD07EFCF25CBF87571A57CF535] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfh009.dat [1405718] O44 - LFC:[MD5.B537CAD543F10FF798C0D7E7AEFD7740] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [116488] O44 - LFC:[MD5.C05CF8C56868DEB29DA32E23425BA059] - 29/10/2011 - 12:21:49 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1149285] O44 - LFC:[MD5.7D16401CBE0F9E49F355BDC8DCE79BE9] - 29/10/2011 - 12:16:58 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.625DB955B10C13546A2A24B71E8FB96C] - 29/10/2011 - 08:59:09 ---A- . (...) -- C:\Windows\MEMORY.DMP [187088816] O44 - LFC:[MD5.8831252BCF05FCFB5ABD116A22E552D8] - 28/10/2011 - 11:59:41 ---A- . (...) -- C:\Windows\system32\drivers\sp_rsdrv2.sys [142592] O44 - LFC:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 27/10/2011 - 13:20:14 ---A- . (.VSO Software - low level access layer for CD/DVD/BD device.) -- C:\Windows\system32\drivers\pcouffin.sys [47360] O44 - LFC:[MD5.1D0316BEB736160D249C4F147261EC70] - 25/10/2011 - 09:23:17 ---A- . (.RealNetworks, Inc. - Real Player ActiveX Control.) -- C:\Windows\system32\rmoc3260.dll [198832] O44 - LFC:[MD5.33833B3EDA1B07EBD367FA9B38B23E60] - 25/10/2011 - 09:23:04 ---A- . (.RealNetworks, Inc. - 16 bit DirectX helper DLL.) -- C:\Windows\system32\pndx5016.dll [6656] O44 - LFC:[MD5.B74E422BC81236042529DC8A42A18423] - 25/10/2011 - 09:23:04 ---A- . (.RealNetworks, Inc. - 32 bit DirectX helper DLL.) -- C:\Windows\system32\pndx5032.dll [5632] O44 - LFC:[MD5.B4EB68502E52EBDC0B2C55EA3445284C] - 25/10/2011 - 09:23:03 ---A- . (.Progressive Networks - Pas de description.) -- C:\Windows\system32\pncrt.dll [272896] O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 23/10/2011 - 14:48:44 ---A- . (...) -- C:\Windows\system32\icrav03.rat [8798] O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 23/10/2011 - 14:48:44 ---A- . (...) -- C:\Windows\system32\ticrf.rat [1988] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 23/10/2011 - 14:48:37 ---A- . (...) -- C:\Windows\system32\ieuinit.inf [72822] O44 - LFC:[MD5.7D0FB26D5CACBED6D9BE0B960C1F5CD6] - 23/10/2011 - 10:07:44 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [337752] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/10/2011 - 10:05:25 --HA- . (...) -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/10/2011 - 10:05:08 --HA- . (...) -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf [0] O44 - LFC:[MD5.FB724E1170D41C52038B14E283AB13B0] - 22/10/2011 - 19:43:53 ---A- . (...) -- C:\updatedatfix.log [734] O44 - LFC:[MD5.2C536D41DCE213E1D449F18B3D41EA55] - 21/10/2011 - 12:58:43 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\system32\FlashPlayerCPLApp.cpl [414368] O44 - LFC:[MD5.D248D0DB24D9E01AA7F2E42A9758E8C0] - 21/10/2011 - 10:49:35 ---A- . (...) -- C:\Windows\system32\jupdate-1.6.0_29-b11.log [3075] O44 - LFC:[MD5.9A7E344C3D52EE1A2EF003B33B1C1BF1] - 21/10/2011 - 10:40:15 ---A- . (.Microsoft - NPS Migration Plugin.) -- C:\Windows\system32\IasMigPlugin.dll [454144] O44 - LFC:[MD5.358A03A7A47F0AD71E84306AC635A626] - 21/10/2011 - 10:40:06 ---A- . (.Pas de propriétaire - Programme d'authentification du périphériqu.) -- C:\Windows\system32\EhStorAuthn.dll [117248] O44 - LFC:[MD5.81638E6E467193699B5A800732ECBDE4] - 21/10/2011 - 10:39:18 ---A- . (.Microsoft - Classe d’assistance SMB (partage de fichier.) -- C:\Windows\system32\SMBHelperClass.dll [83456] O44 - LFC:[MD5.20143FD619C185E13E170E91AB304477] - 17/10/2011 - 16:04:38 ---A- . (...) -- C:\Windows\SIERRA.INI [301] O44 - LFC:[MD5.F99DDD5E4F807B43E8B85DCD5F4B59EA] - 10/10/2011 - 13:37:06 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\system32\GameUXLegacyGDFs.dll [4240384] O44 - LFC:[MD5.FA4B5940B31853ADE67A73026884C8C9] - 09/10/2011 - 18:13:47 ---A- . (.Microsoft Corporation - Bibliothèque d'assistance au déploiement de.) -- C:\Windows\system32\dfshim.dll [1130824] O44 - LFC:[MD5.54F73529D65E5EB41FFC28C4EDDF069F] - 09/10/2011 - 08:27:15 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\system32\atmlib.dll [34304] O44 - LFC:[MD5.B44A7AC9E801C38F54F7340351313E85] - 09/10/2011 - 08:27:15 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\system32\atmfd.dll [292864] O44 - LFC:[MD5.3F337DD54339BEAF26917D3A0A32C1DE] - 09/10/2011 - 08:25:39 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll [81920] O44 - LFC:[MD5.0857BDD856888D78E6E991CDDA49A4B8] - 09/10/2011 - 08:23:29 ---A- . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\system32\l3codecp.acm [220672] O44 - LFC:[MD5.8A64A3F68F0E24917759852C842DCD74] - 09/10/2011 - 08:23:29 ---A- . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\system32\l3codeca.acm [62464] O44 - LFC:[MD5.C47623FFD181A1E7D63574DDE2A0A711] - 08/10/2011 - 11:35:51 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568] O44 - LFC:[MD5.748AE7F2D7DA33ADB063FE05704A9969] - 08/10/2011 - 11:35:51 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [320856] O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 08/10/2011 - 11:35:50 ---A- . (...) -- C:\Windows\system32\config.nt [2577] O44 - LFC:[MD5.4804753A4EC7D67CC22D226BFFD1C1E3] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54616] O44 - LFC:[MD5.CA9925CE1DBD07FFE1EB357752CF5577] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52568] O44 - LFC:[MD5.36239E24470A3DD81FAE37510953CC6C] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392] O44 - LFC:[MD5.CAA846E9C83836BDC3D2D700C678DB65] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [442200] O44 - LFC:[MD5.701A5948B60452EF6CF06C2900C3B9EA] - 08/10/2011 - 11:35:26 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [41184] O44 - LFC:[MD5.37CCBB62A3D8FE3903CD2CBFC711895C] - 08/10/2011 - 11:35:25 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\system32\aswBoot.exe [199304] O44 - LFC:[MD5.ABA0F3AF163878E5E64248A92A8ECCA8] - 08/10/2011 - 10:29:55 ---A- . (...) -- C:\Windows\system32\jupdate-1.6.0_26-b03.log [6310] O44 - LFC:[MD5.AFBF77A659ABEA37EBE3994656970CF2] - 03/10/2011 - 04:06:16 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [157472] O44 - LFC:[MD5.9225A1067BC2858575B9787BB3ECC4FD] - 03/10/2011 - 04:06:15 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [145184] O44 - LFC:[MD5.9D1379B60113E70C75592B02538E84D6] - 03/10/2011 - 04:06:14 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\java.exe [145184] O44 - LFC:[MD5.3107D5460A32130EAFE9BEAA12EE2251] - 03/10/2011 - 04:06:03 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [472808] O44 - LFC:[MD5.F6D48AE1F578493D2E19DD644B153976] - 01/08/2009 - 07:27:37 ---A- . (...) -- C:\Windows\system32\winrm.vbs [201184] O44 - LFC:[MD5.B2EDF82825D979928AE07CBE9C7A2160] - 16/07/2009 - 18:30:03 ---A- . (...) -- C:\Windows\system32\WsmTxt.xsl [2426] O44 - LFC:[MD5.3C436603213561E2E7DD3D4459DBB7D4] - 16/07/2009 - 18:30:03 ---A- . (...) -- C:\Windows\system32\wsmanconfig_schema.xml [4675] O44 - LFC:[MD5.18B2C06EF8DC3FAF83C074089024391E] - 11/07/2009 - 18:03:56 ---A- . (...) -- C:\Windows\system32\wlan.tmf [2501921] O44 - LFC:[MD5.52CB0185C73E1BA86CC7F726F22523C3] - 11/04/2009 - 07:28:21 ---A- . (...) -- C:\Windows\system32\msjetoledb40.dll [368640] O44 - LFC:[MD5.AD4C3968CE1DB3A3A4632E1CDECA9555] - 11/04/2009 - 05:48:19 ---A- . (...) -- C:\Windows\system32\eaphost.tmf [344698] O44 - LFC:[MD5.A3EB38D309C5682BBA0E23732C5D4AF2] - 11/04/2009 - 05:46:15 ---A- . (...) -- C:\Windows\system32\WFP.TMF [208966] O44 - LFC:[MD5.4DF0D81B2B19B87DBFF241619DCDDC31] - 11/04/2009 - 05:43:51 ---A- . (...) -- C:\Windows\system32\dot3.tmf [442788] O44 - LFC:[MD5.16D06DC26B8BD160AD81EE271D9577D8] - 11/04/2009 - 05:43:37 ---A- . (...) -- C:\Windows\system32\onex.tmf [392170] O44 - LFC:[MD5.E9E66706083BFE4B0070EE0A5E8D42DB] - 11/04/2009 - 02:59:51 ---A- . (...) -- C:\Windows\system32\StructuredQuerySchema.bin [107612] O44 - LFC:[MD5.B51BF7934D2B657454F66035AA5BFA03] - 11/04/2009 - 02:54:25 ---A- . (...) -- C:\Windows\system32\locale.nls [3662128] O44 - LFC:[MD5.75DFEB04C0C978810720283C1B5CD7B1] - 07/03/2009 - 02:11:16 ---A- . (...) -- C:\Windows\system32\systemsf.ebd [130008] O44 - LFC:[MD5.07400BC21119204892795F015052CDF4] - 20/02/2009 - 01:20:51 ---A- . (...) -- C:\Windows\system32\RacUR.xml [9212] O44 - LFC:[MD5.6F7C27002EA0F9496070A1150C977DEC] - 20/02/2009 - 01:20:51 ---A- . (...) -- C:\Windows\system32\spcinstrumentation.man [9239] O44 - LFC:[MD5.4C58B5E71FEEFD18BB7F537343C7219A] - 18/02/2009 - 19:43:18 ---A- . (...) -- C:\Windows\system32\RacUREx.xml [153] O44 - LFC:[MD5.BCDBB5CEA1E8AEA0FA353691EB003728] - 18/02/2009 - 19:39:57 ---A- . (...) -- C:\Windows\system32\slmgr.vbs [92918] O44 - LFC:[MD5.D07E5384D2B4E71F7D49C9F334D69284] - 27/05/2008 - 05:59:40 ---A- . (...) -- C:\Windows\system32\StructuredQuerySchemaTrivial.bin [18904] O44 - LFC:[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - 08/11/2007 - 10:04:45 ---A- . (...) -- C:\Windows\system32\korwbrkr.lex [11967524] ~ Scan Files in 00mn 33s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{140b194a-559a-11df-ad84-00221507e036}\AutoRun\command. (...) -- K:\wdsync.exe (.not file.) O51 - MPSK:{94e74665-0fc5-11de-ab70-00221507e036}\AutoRun\command - Clé orpheline O51 - MPSK:{e7d9ec61-958e-11dd-bdbe-00221507e036}\AutoRun\command. (...) -- M:\Support\AutoRun\AutoRun.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\system32\l3codecp.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968] O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600] O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432] O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560] O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464] O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416] O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928] O58 - SDL:[MD5.C47623FFD181A1E7D63574DDE2A0A711] - 08/10/2011 - 21:36:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568] O58 - SDL:[MD5.4804753A4EC7D67CC22D226BFFD1C1E3] - 08/10/2011 - 21:36:26 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54616] O58 - SDL:[MD5.36239E24470A3DD81FAE37510953CC6C] - 08/10/2011 - 21:36:38 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392] O58 - SDL:[MD5.CAA846E9C83836BDC3D2D700C678DB65] - 08/10/2011 - 21:38:05 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [442200] O58 - SDL:[MD5.748AE7F2D7DA33ADB063FE05704A9969] - 08/10/2011 - 21:37:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [320856] O58 - SDL:[MD5.CA9925CE1DBD07FFE1EB357752CF5577] - 08/10/2011 - 21:36:36 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52568] O58 - SDL:[MD5.38973519D2A61E33E49A09C6B05621CD] - 25/05/2008 - 01:53:20 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [3520512] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784] O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584] O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504] O58 - SDL:[MD5.37769C28E1C6489C56E41DB7A32D58C5] - 17/06/2009 - 16:56:40 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [327192] O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312] O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656] O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312] O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288] O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.B40539857021CB65C640FA18B9E40BB0] - 19/09/2008 - 13:01:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 175.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7465312] O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968] O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112] O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 27/10/2011 - 13:20:14 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Windows\system32\drivers\pcouffin.sys [47360] O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 25/05/2008 - 17:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\Windows\system32\drivers\PS2.sys [19072] O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.5D26CCB06E1F3B5C26E863DF3F4F2611] - 10/06/2009 - 16:03:48 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2152088] O58 - SDL:[MD5.ABBE0F54BA3A378262C9CB86CF7D91F8] - 25/05/2008 - 15:56:02 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [118784] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/10/2008 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [717296] O58 - SDL:[MD5.8831252BCF05FCFB5ABD116A22E552D8] - 28/10/2011 - 11:59:41 ---A- . (...) -- C:\Windows\system32\drivers\sp_rsdrv2.sys [142592] O58 - SDL:[MD5.5A1D0CA8A5F1E7B4EC50B9D76C001F0E] - 05/04/2010 - 10:11:16 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Device 1.0 Driver.) -- C:\Windows\system32\drivers\ss_bus.sys [83592] O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 05/04/2010 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cm.sys [12424] O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 05/04/2010 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cmnt.sys [12424] O58 - SDL:[MD5.F0A85580E36A3A85059037D39A9CF079] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Filter Driver.) -- C:\Windows\system32\drivers\ss_mdfl.sys [15112] O58 - SDL:[MD5.84C3DBFD1BFA4ADC0A950B3D5506CB00] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Driver.) -- C:\Windows\system32\drivers\ss_mdm.sys [109704] O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_wh.sys [12424] O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_whnt.sys [12424] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 05/04/2010 - 15:05:00 ---A- . (...) -- C:\Windows\system32\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024] O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ~ Scan Drivers in 00mn 02s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 06/09/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <Regedit.Document>[HKLM\..\open\Command] (...) -- c:\Winnt\Regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <Regedit.Document>[HKCR\..\open\Command] (...) -- c:\Winnt\Regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {242366AF-80F7-4DFF-8169-C948CA272752} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {32654C5A-909A-4920-9EAD-9D31FC5F3792} - (AOL Recherche) - http://slirsredirect.search.aol.com O69 - SBI: SearchScopes [HKCU] {8F00202E-3F8E-4026-9CF4-5C5D404AA43F} - (Kelkoo) - Voitures Et Motos | Comparer Prix & Acheter Voiture Et Moto - Kelkoo France O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9} - (DAEMON Search) - DAEMON-Search.com :: EXPLORE ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.254FBCA565E049648B0CCE2CEADF05D2] [sPRF][27/10/2011] (...) -- C:\Users\Gro ian\AppData\Roaming\inst.exe [87608] [MD5.5B6C11DE7E839C05248CED8825470FEF] [sPRF][27/10/2011] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\Gro ian\AppData\Roaming\pcouffin.sys [47360] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{8C052177-3D71-427F-8122-3B72997E90B4}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files\Cyberlink\PowerDirector\PDR.exe O87 - FAEL: "TCP Query User{D5940B08-68B1-4096-A64C-A95CD0064CE1}C:\program files\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "UDP Query User{5A42F6A4-90E6-44E5-BD16-032472D34A80}C:\program files\emule\emule.exe" | In - Private - P17 - FALSE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "{8BCB3F0E-CA42-4A30-862D-6C7F8DBA267D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe (.not file.) O87 - FAEL: "{F974D8E2-6BDC-438F-8321-CDF5E9FC8F22}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe (.not file.) O87 - FAEL: "{32313217-1411-420F-9B0F-AF54A1364016}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe (.not file.) O87 - FAEL: "{D269A3F6-7C45-4EAC-9CA9-A608395930D3}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe (.not file.) O87 - FAEL: "{B3B65CDB-8F8A-446D-A83E-BF41D5F368F0}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe (.not file.) O87 - FAEL: "{81CB45F8-247A-4A80-B251-B78BE699FBAD}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe (.not file.) O87 - FAEL: "{967E89FD-A862-4F17-82DE-30243E745B97}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe (.not file.) O87 - FAEL: "{2A994EFF-D668-456B-BE5B-539043983F0B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe (.not file.) O87 - FAEL: "TCP Query User{7B73471C-4175-4A1C-8F48-2500E6F04423}C:\program files\emule\emule.exe" | In - Public - P6 - FALSE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "UDP Query User{A5767F8B-EA8C-46F3-8082-F2338159F127}C:\program files\emule\emule.exe" | In - Public - P17 - FALSE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "TCP Query User{6B223150-D6B6-42CF-98DE-AF55B9F63A9E}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\thq\dawn of war - soulstorm\soulstorm.exe (.not file.) O87 - FAEL: "UDP Query User{AB60F2C0-7FDD-4CEB-B65F-83EC805CA4FB}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\thq\dawn of war - soulstorm\soulstorm.exe (.not file.) O87 - FAEL: "TCP Query User{C28B611B-809A-439E-AA24-4693671856ED}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe (.not file.) O87 - FAEL: "UDP Query User{35EF8499-3CA4-43B4-9A7B-4AE492FFB965}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe (.not file.) O87 - FAEL: "{C22D7154-CA9A-4870-9F37-023AA7BA351E}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.) O87 - FAEL: "{19D24194-AE38-4322-8212-55207FF38BFC}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.) O87 - FAEL: "{76CEBD95-2072-49B8-8BA3-BEA201D88E9D}" | In - Public - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe O87 - FAEL: "{833C4168-9F1F-4C86-BB0D-CA6A7FE6C71B}" | In - Public - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe O87 - FAEL: "TCP Query User{D9D5EF40-4D83-4205-8744-79076479A64F}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\ubisoft\heroes of might and magic v - tribes O87 - FAEL: "UDP Query User{57B2D4F7-0C4E-49E6-9B86-2292532D9038}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\ubisoft\heroes of might and magic v - tribe O87 - FAEL: "{8312D59D-710D-4BFA-B983-17E9780C9783}" | In - Private - P6 - TRUE | .(.Monolith Productions, Inc. - F.E.A.R..) -- C:\Program Files\Sierra\FEARCombat\FEARMP.exe O87 - FAEL: "{71644499-4DDE-427E-AF3D-B042B78E0DCB}" | In - Private - P17 - TRUE | .(.Monolith Productions, Inc. - F.E.A.R..) -- C:\Program Files\Sierra\FEARCombat\FEARMP.exe O87 - FAEL: "{7B67770B-5AF6-4C58-9D80-65E6FD05D00D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (.not file.) O87 - FAEL: "{BE3F4F03-D2B8-4BA7-B5A0-570D1A71AAA6}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (.not file.) O87 - FAEL: "{55D4BF6D-0700-40DB-ACD0-B8EDC27B07A7}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O87 - FAEL: "{0BFE84DE-58BC-45E1-B81B-74BB5F38B8BD}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe (.not file.) O87 - FAEL: "{670487AB-7F7A-4CAF-B8F6-65C07F3C094E}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe (.not file.) O87 - FAEL: "{6E4A0FEF-3976-4A62-B8C7-4C8B288E4A0D}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe (.not file.) O87 - FAEL: "{7E4B9AE0-27F2-4C71-B778-1D4CCEA2644C}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\TSMAgent.exe (.not file.) O87 - FAEL: "{AF6971E2-00D0-4CFE-AB03-F879483288D7}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe (.not file.) O87 - FAEL: "{52491F82-B3E1-49CF-896F-E69CA166F490}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe O87 - FAEL: "{8FF70E9B-C9AD-4D78-8041-B8C108DD48C1}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.) O87 - FAEL: "{A60F6F60-ABB5-44B7-A8BC-59BEA7455B24}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.) O87 - FAEL: "{C2CD0F89-7731-436F-A70B-8881B0D84EB8}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe O87 - FAEL: "TCP Query User{F51BDF3E-E90A-4C8F-AE05-4EC07C1DD919}C:\program files\namco bandai games\warhammer® mark of chaos\warhammer.exe" | In - Public - P6 - TRUE | .(.Black Hole Entertainment.) -- C:\program files\namco bandai games\warhammer® mark O87 - FAEL: "UDP Query User{85446F0F-EDF7-4477-A3A7-57AB5C3A3721}C:\program files\namco bandai games\warhammer® mark of chaos\warhammer.exe" | In - Public - P17 - TRUE | .(.Black Hole Entertainment.) -- C:\program files\namco bandai games\warhammer® mark O87 - FAEL: "TCP Query User{C02D70A1-20EE-49BA-902D-47D23A95376A}F:\program files\spyware terminator\spywareterminatorupdate.exe" | In - Public - P6 - TRUE | .(.Crawler.com.) -- F:\program files\spyware terminator\spywareterminatorupdate.exe O87 - FAEL: "UDP Query User{286E1A0A-8F83-4BCA-B680-580F94CEBC97}F:\program files\spyware terminator\spywareterminatorupdate.exe" | In - Public - P17 - TRUE | .(.Crawler.com.) -- F:\program files\spyware terminator\spywareterminatorupdate.exe ~ Scan Firewall in 00mn 01s ---\\ Scan Additionnel (O88) Database Version : 8789 - (28/10/2011) Clés trouvées (Keys found) : 4 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\AppID\WMHelper.DLL] =>PUP.BearShare [HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}] =>PUP.iMesh [HKLM\Software\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}] =>Adware.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar] =>Toolbar.Agent [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent C:\Program Files\DAEMON Tools Toolbar =>Toolbar.Agent ~ Scan Additionnel in 00mn 06s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 25/05/2008 655360 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe SR - | Auto 06/09/2011 44768 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SS - | Demand 25/05/2008 165416 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe SS - | Demand 0 | (getPlus® Helper) . (...) - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe SS - | Auto 04/06/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 04/06/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - | Auto 25/05/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe SR - | Auto 10/06/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe SR - | Auto 09/10/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe SR - | Auto 19/09/2008 118784 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 08/10/2011 496128 | (sp_rssrv) . (.Crawler.com.) - F:\Program Files\Spyware Terminator\sp_rsser.exe SS - | Demand 03/05/2010 419624 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 00mn 07s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ Scan MBR in 00mn 09s ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 27/10/2011 - 13:20:14 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Windows\system32\drivers\pcouffin.sys [47360] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/10/2008 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [717296] ~ Scan Emulateurs in 00mn 11s End of the scan (1337 lines in 01mn 27s)(0)
-
merci pour vos réponses, ça me rassure!
-
ordi qui déconne, aidez moi svp!
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
c'est fait. merci bien pour votre aide. en esperant ne plus avoir de soucis cordialement. -
Bonjour, Il y a ces dossiers sous C:\ qui me paraissent étranges ... voici leurs noms: 9c06c3ac0d4b7d6b29354c77b9 contenant 2 dossiers amd64 et i386 98fecc3bad5b3f43c7 (vide) I386 contenant 6234 fichiers et 67 dossiers .de quoi s'agit il??? .il y a egalement une icône "UNWISE application", c'est quoi? Est ce que c'est normal ou pas? Merci d'avance!
-
ordi qui déconne, aidez moi svp!
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
Bonjour, Oui j'ai effectué ce que vous m'avez dit dans votre dernier msg cependant, Toolscleaner a bien nettoyé zhpdiag mais il reste toujours otl, javara et tdsskiller ... dois je les supprimer??? Et pardon d'insister mais est ce que je dois aussi retourner dans poste de travail pour remettre tout comme avant (dossiers cachés, extension des fichiers dont le type est connu, masquer les fichiers proteges du systeme d'exploitation) dois je remettre les parametres par defaut????????? Enfin, que me conseillez vous comme protection? J'ai une version d'essai d'avast que je renouvelle tous les mois mais visiblement il n'est pas très efficace!? Merci encore pour votre aide qui m'as été précieuse!http://forum.zebulon.fr/public/style_extra/post_icons/icon1.gif ps: je viens de me rendre compte à l'instant que googleanalytics s'ouvre tjs! argh http://forum.zebulon.fr/public/style_extra/post_icons/icon8.gif -
ordi qui déconne, aidez moi svp!
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
Bonsoir, J'ai fait ce que vous m'avez dit. Oui effectivement j'ai d'autres questions à vous poser en esperant ne pas abuser de votre aide déjà bien généreuse. .Pour commencer, est ce qu'après toutes ces manipulations mon ordi est désinfecté? .Ensuite comment ne plus avoir de soucis (quel antivirus quel autre programmes me conseillez vous?) .Je voulais d'ailleurs savoir si je dois supprimer tdsskiller, otl et javara ou bien les conserver? idem avec les rapports? .Concernant l'autorun, dois-je le réactiver? si oui comment? .Dois je remettre tout comme avant sous postedetravail>outils>optionsdesdossiers>affichage? .En encore une question, il y a plusieurs dossiers qui m'ont interpellé dans c:\ voici leurs noms: 9c06c3ac0d4b7d6b29354c77b9 contenant 2 dossiers amd64 et i386 98fecc3bad5b3f43c7 (vide) I386 contenant 6234 fichiers et 67 dossiers .de quoi s'agit il??? .il y a egalement une icône "UNWISE application", c'est quoi? Merci encore une fois pour le temps consacré! en attendant votre réponse cordialement -
ordi qui déconne, aidez moi svp!
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
Bonjour, Non désolé, je n'ai pas la moindre idée de ce que c'est O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.81,93.188.161.221 Alors, j'ai fait comme indiqué, tout c'est bien passé, à part lorsque dans javara j'ai cliqué sur "effacer les fichiers JRE inutiles", une fenêtre s'est ouverte disant: "klar att söka efter meningslös JRE filer" OK ne parlant pas le suédois, ou je ne sais quoi, j'ai cliqué sur ok et suis revenu sur la page précedente ... J'ai malgré tout continué sans tenir compte de cette curiosité. Voici le rapport de javara: JavaRa 1.16 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Sat Dec 11 14:44:50 2010 Found and removed: C:\Program Files\Java\jre1.5.0_03 Found and removed: Software\JavaSoft\Java2D\1.5.0_03 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510003 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510003 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510003 Found and removed: SOFTWARE\Classes\JavaPlugin.150_03 Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_03 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_03 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150030} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_03 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_03\ Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500} ------------------------------------ Finished reporting. ensuite voici le rapport de vt (je précise que vous m'aviez indiqué ceci: cliquez sur parcourir pour trouver ces fichiers C:\WINDOWS\System32\ir32_32.dll C:\WINDOWS\System32\ir32_32.dll] hors il s'agit d'un seul fichier je présume puisque vous avez écrit deux fois la même chose?) 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: ir32_32.dll Submission date: 2010-12-11 13:56:33 (UTC) Current status: finished Result: 0/ 41 (0.0%) VT Community not reviewed Safety score: - Compact Print results Antivirus Version Last Update Result AhnLab-V3 2010.12.11.00 2010.12.10 - AntiVir 7.10.14.255 2010.12.10 - Antiy-AVL 2.0.3.7 2010.12.11 - Avast 4.8.1351.0 2010.12.11 - Avast5 5.0.677.0 2010.12.11 - AVG 9.0.0.851 2010.12.11 - BitDefender 7.2 2010.12.11 - CAT-QuickHeal 11.00 2010.12.11 - ClamAV 0.96.4.0 2010.12.11 - Command 5.2.11.5 2010.12.11 - Comodo 7021 2010.12.11 - DrWeb 5.0.2.03300 2010.12.11 - eSafe 7.0.17.0 2010.12.09 - eTrust-Vet 36.1.8034 2010.12.10 - F-Prot 4.6.2.117 2010.12.11 - F-Secure 9.0.16160.0 2010.12.11 - Fortinet 4.2.254.0 2010.12.11 - GData 21 2010.12.11 - Ikarus T3.1.1.90.0 2010.12.11 - Jiangmin 13.0.900 2010.12.11 - K7AntiVirus 9.71.3211 2010.12.10 - McAfee 5.400.0.1158 2010.12.11 - McAfee-GW-Edition 2010.1C 2010.12.11 - Microsoft 1.6402 2010.12.11 - NOD32 5693 2010.12.10 - Norman 6.06.12 2010.12.11 - nProtect 2010-12-10.01 2010.12.10 - Panda 10.0.2.7 2010.12.11 - PCTools 7.0.3.5 2010.12.11 - Prevx 3.0 2010.12.11 - Rising 22.77.04.00 2010.12.11 - Sophos 4.60.0 2010.12.11 - SUPERAntiSpyware 4.40.0.1006 2010.12.11 - Symantec 20101.3.0.103 2010.12.11 - TheHacker 6.7.0.1.098 2010.12.11 - TrendMicro 9.120.0.1004 2010.12.11 - TrendMicro-HouseCall 9.120.0.1004 2010.12.11 - VBA32 3.12.14.2 2010.12.10 - VIPRE 7603 2010.12.11 - ViRobot 2010.12.11.4196 2010.12.11 - VirusBuster 13.6.87.0 2010.12.11 - Additional informationShow all MD5 : b0c4135adc1d3962b39f1a128d86cd49 SHA1 : ba35d1522109cb24804fcfa8bd4156f260d21ba6 SHA256: e8234056bef5cb6fb16ebb3e58aabea96a3311dda5c770a533d26652fb85a35b VT Community This file has never been reviewed by any VT Community member. Be the first one to comment on it! VirusTotal Team et voilà le rapport d'OTL: All processes killed ========== OTL ========== Service HidServ stopped successfully! Service HidServ deleted successfully! File C:\WINDOWS\System32\hidserv.dll not found. Service AppMgmt stopped successfully! Service AppMgmt deleted successfully! File C:\WINDOWS\System32\appmgmts.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6e454792-2f36-46d3-bb20-4be949b6fb8a}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e454792-2f36-46d3-bb20-4be949b6fb8a}\ deleted successfully. C:\Program Files\ecouter-la-radio\tbeco0.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{6e454792-2f36-46d3-bb20-4be949b6fb8a} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e454792-2f36-46d3-bb20-4be949b6fb8a}\ not found. File la-radio\tbeco0.dll not found. Registry value HKEY_USERS\S-1-5-21-2391906574-2178107168-122006831-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6E454792-2F36-46D3-BB20-4BE949B6FB8A} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E454792-2F36-46D3-BB20-4BE949B6FB8A}\ not found. File la-radio\tbeco0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CFSServ.exe deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully. File C:\Program Files\Java\jre1.5.0_03\bin\NPJPI150_03.dll not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7F9DB11C-E358-4ca6-A83D-ACC663939424}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F9DB11C-E358-4ca6-A83D-ACC663939424}\ not found. C:\Program Files\Bonjour\ExplorerPlugin.dll moved successfully. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\WINDOWS\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found. Starting removal of ActiveX control Microsoft XML Parser for Java Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF . Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully. File Protocol\Handler\ipp - No CLSID value found not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully. File Protocol\Handler\msdaipp - No CLSID value found not found. AppMgmt removed from NetSvcs value successfully! HidServ removed from NetSvcs value successfully! Ias removed from NetSvcs value successfully! Iprip removed from NetSvcs value successfully! Irmon removed from NetSvcs value successfully! LanmanWorkstation removed from NetSvcs value successfully! Messenger removed from NetSvcs value successfully! Error: No service named Messenger was found to stop! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger deleted successfully. NWCWorkstation removed from NetSvcs value successfully! Nwsapagent removed from NetSvcs value successfully! WmdmPmSp removed from NetSvcs value successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\vidc.LEAD deleted successfully. ========== FILES ========== atapi.sys extracted to C:\ File C:\WINDOWS\system32\drivers\atapi.sys successfully replaced with c:\atapi.sys File\Folder [purity] not found. File\Folder [emptytemp] not found. File\Folder [resethosts] not found. File\Folder [Reboot] not found. OTL by OldTimer - Version 3.2.17.3 log created on 12112010_150156 Files\Folders moved on Reboot... Registry entries deleted on Reboot... voilà. je voulais également vous demander est ce que je dois retourner dans poste de travail>outils>options des dossiers>affichage pour remettre tout comme avant??? une autre question, j'ai remarqué un nouveau dossier %USERPROFILE% sur le bureau, qu'est ce que c'est? j'attends vos instructions. merci encore! -
ordi qui déconne, aidez moi svp!
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
et voici le rapport extras: OTL Extras logfile created on: 10/12/2010 19:14:09 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Alma Linda\Mes documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 502,00 Mb Total Physical Memory | 281,00 Mb Available Physical Memory | 56,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,53 Gb Total Space | 9,25 Gb Free Space | 12,41% Space Free | Partition Type: NTFS Computer Name: AMÉLINE | User Name: Alma Linda | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2391906574-2178107168-122006831-1006\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "20603:TCP" = 20603:TCP:*:Enabled:emule tcp ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater -- File not found "C:\Program Files\Toshiba\ConfigFree\CFXFER.exe" = C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION) "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.) "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- File not found "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net) "C:\WINDOWS\system32\spoolsv.exe" = C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv.exe -- (Microsoft Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player "{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan "{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600 "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy "{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant "{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax "{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare "{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp "{225AF9A1-B556-88D5-94AA-0010B5426419}" = My DSC "{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1 "{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload "{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2 "{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3 "{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7 "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour "{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext "{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility "{3EB6332B-AF02-457C-A31C-835458C5B48B}" = Manuels TOSHIBA "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme "{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = Formatage de carte mémoire SD TOSHIBA "{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0}" = TOSHIBA Power Saver Driver "{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls Driver "{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch "{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Utilitaire de zoom TOSHIBA "{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects "{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery "{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update "{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan "{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations "{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm "{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1 "{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility "{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics "{7B63B2922B174135AFC0E1377DD81EC2}" = "{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility "{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1 "{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver for Mobile "{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = Son virtuel TOSHIBA "{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = Pilote du DVD-RAM "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD "{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config "{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = Commandes TOSHIBA "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ADD31791-D676-4A7B-8FA8-A6EE7F1B4E5A}" = JourneySoftwarePromo "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director "{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help "{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg "{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{E0A96F36-D546-4A2A-BDAA-2A2A578B2C0D}" = Bonjour "{E18E644D-4FC1-4E7F-87B7-A0288A14A322}" = TIxx21/x515 "{E7310F2E-C551-4FAB-BA07-EAC2E158B1BB}" = IKEA Home Planner "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates "{FCE19796-1ADF-42DF-81D8-3563867FC2C2}" = TOSHIBA Zooming Hook "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "avast5" = avast! Free Antivirus "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = Configuration DivX "ecouter-la-radio Toolbar" = ecouter-la-radio Toolbar "eMule" = eMule "foobar2000" = foobar2000 v1.0.3 "Google Chrome" = Google Chrome "Google Updater" = Outil de mise à jour Google "HijackThis" = HijackThis 2.0.2 "HP Photo & Imaging" = HP Image Zone 4.7 "HPExtendedCapabilities" = HP Extended Capabilities 4.7 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility "InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Mot de passe responsable "InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = Utilitaire Hotkey TOSHIBA "InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = Utilitaire TouchPad ON/OFF "InstallShield_{E0A96F36-D546-4A2A-BDAA-2A2A578B2C0D}" = Bonjour "InstallShield_{E18E644D-4FC1-4E7F-87B7-A0288A14A322}" = Texas Instruments PCIxx21/x515 drivers. "Le code de la route" = Le code de la route "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Media Player Classic" = Media Player Classic fr "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Outil de diagnostic PC" = Outil de diagnostic PC TOSHIBA "Power Saver" = Gestion d'énergie TOSHIBA "Q828026" = Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations] "QuickTime" = QuickTime "RealAlt_is1" = Real Alternative 1.48 "SFR_Kit" = SFR - Kit de connexion "TOSHIBA Software Modem" = TOSHIBA Software Modem "Utilitaires Sierra" = Utilitaires Sierra "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Xvid_is1" = Xvid 1.1.2 final uninstall "ZHPDiag_is1" = ZHPDiag 1.27 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 10/12/2010 04:37:26 | Computer Name = AMÉLINE | Source = crypt32 | ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : A connection with the server could not be established Error - 10/12/2010 04:37:27 | Computer Name = AMÉLINE | Source = crypt32 | ID = 131083 Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. Error - 10/12/2010 04:37:27 | Computer Name = AMÉLINE | Source = crypt32 | ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : Cette connexion réseau n'existe pas. Error - 10/12/2010 07:22:44 | Computer Name = AMÉLINE | Source = crypt32 | ID = 131083 Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. Error - 10/12/2010 07:22:44 | Computer Name = AMÉLINE | Source = crypt32 | ID = 131083 Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. Error - 10/12/2010 07:22:59 | Computer Name = AMÉLINE | Source = crypt32 | ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : Cette opération s'est terminée car le délai d'attente a expiré. Error - 10/12/2010 07:23:00 | Computer Name = AMÉLINE | Source = crypt32 | ID = 131083 Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. Error - 10/12/2010 07:23:00 | Computer Name = AMÉLINE | Source = crypt32 | ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : Le serveur spécifié ne peut pas exécuter l'opération demandée. Error - 10/12/2010 07:23:00 | Computer Name = AMÉLINE | Source = crypt32 | ID = 131083 Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. Error - 10/12/2010 07:23:01 | Computer Name = AMÉLINE | Source = crypt32 | ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : Le serveur spécifié ne peut pas exécuter l'opération demandée. [ System Events ] Error - 10/12/2010 07:16:13 | Computer Name = AMÉLINE | Source = Service Control Manager | ID = 7001 Description = Le service Service Bonjour dépend du service Pilote du protocole TCP/IP qui n'a pas pu démarrer en raison de l'erreur : %%31 Error - 10/12/2010 07:16:13 | Computer Name = AMÉLINE | Source = Service Control Manager | ID = 7001 Description = Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas pu démarrer en raison de l'erreur : %%31 Error - 10/12/2010 07:16:13 | Computer Name = AMÉLINE | Source = Service Control Manager | ID = 7026 Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : Aavmker4 AFD aswSP aswTdi Fips intelppm IPSec NetBT RasAcd SrvcSSIOMngr Tcpip Tcpip6 TPwSav Error - 10/12/2010 07:16:26 | Computer Name = AMÉLINE | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 10/12/2010 07:16:40 | Computer Name = AMÉLINE | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service netman avec les arguments "" pour démarrer le serveur : {BA126AE5-2166-11D1-B1D0-00805FC1270E} Error - 10/12/2010 07:17:49 | Computer Name = AMÉLINE | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 10/12/2010 07:19:04 | Computer Name = AMÉLINE | Source = Service Control Manager | ID = 7023 Description = Le service Services IPSEC s'est arrêté avec l'erreur : %%1747 Error - 10/12/2010 07:20:32 | Computer Name = AMÉLINE | Source = Service Control Manager | ID = 7022 Description = Le service Service Bonjour est en attente de démarrage. Error - 10/12/2010 07:43:51 | Computer Name = AMÉLINE | Source = Service Control Manager | ID = 7023 Description = Le service Services IPSEC s'est arrêté avec l'erreur : %%1747 Error - 10/12/2010 07:45:18 | Computer Name = AMÉLINE | Source = Service Control Manager | ID = 7022 Description = Le service Service Bonjour est en attente de démarrage. < End of report > j'attends les nouvelles instructions. Merci encore! -
ordi qui déconne, aidez moi svp!
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
Bonsoir, C'est fait, voici les rapports: otl: OTL logfile created on: 10/12/2010 19:14:09 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Alma Linda\Mes documents\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 502,00 Mb Total Physical Memory | 281,00 Mb Available Physical Memory | 56,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,53 Gb Total Space | 9,25 Gb Free Space | 12,41% Space Free | Partition Type: NTFS Computer Name: AMÉLINE | User Name: Alma Linda | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010/12/10 19:11:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Alma Linda\Mes documents\Downloads\OTL.scr PRC - [2010/09/23 03:47:16 | 000,349,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/06/03 01:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005/04/11 15:08:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe PRC - [2005/01/18 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2004/08/28 08:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe PRC - [2004/08/28 08:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe ========== Modules (SafeList) ========== MOD - [2010/12/10 19:11:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Alma Linda\Mes documents\Downloads\OTL.scr ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt) SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2005/01/18 00:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2004/08/28 08:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service) ========== Driver Services (SafeList) ========== DRV - [2010/12/09 20:55:19 | 000,096,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi) DRV - [2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010/09/07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010/09/07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010/02/11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2005/11/19 02:13:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50) DRV - [2005/07/29 08:55:46 | 000,030,592 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2005/06/23 17:16:08 | 000,162,176 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005/06/21 06:08:44 | 002,324,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005/06/03 18:49:42 | 000,009,600 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav) DRV - [2005/06/02 11:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf) DRV - [2005/05/31 04:33:00 | 000,100,605 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa) DRV - [2005/05/31 04:33:00 | 000,098,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf) DRV - [2005/05/31 04:33:00 | 000,086,876 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs) DRV - [2005/05/31 04:33:00 | 000,034,845 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs) DRV - [2005/05/31 04:33:00 | 000,025,725 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio) DRV - [2005/05/31 04:33:00 | 000,015,069 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio) DRV - [2005/05/31 04:33:00 | 000,006,365 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool) DRV - [2005/05/31 04:33:00 | 000,004,125 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct) DRV - [2005/05/31 04:33:00 | 000,002,273 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres) DRV - [2005/05/13 09:37:28 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5) DRV - [2005/05/13 09:37:20 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln) DRV - [2005/04/30 15:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Pilote de carte de connexion réseau Intel® DRV - [2005/04/22 02:22:00 | 000,088,352 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb) DRV - [2005/04/21 01:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm) DRV - [2005/03/24 15:36:54 | 000,008,192 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec) DRV - [2005/03/05 13:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005/03/04 19:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2004/11/22 16:36:40 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5) DRV - [2004/11/16 00:22:08 | 000,101,874 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) DRV - [2004/07/30 14:05:08 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSIOMngr.sys -- (SrvcSSIOMngr) DRV - [2003/09/19 00:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003/09/10 22:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi) DRV - [2003/01/29 22:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) DRV - [2003/01/10 10:56:34 | 000,030,921 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SQCaptur.sys -- (DCamUSBSQTECH) Dual-Mode DSC(2770) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_url = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = Sign In IE - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search page = Bing IE - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\..\URLSearchHook: {6e454792-2f36-46d3-bb20-4be949b6fb8a} - C:\Program Files\ecouter-la-radio\tbeco0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/06/17 15:15:16 | 000,000,000 | ---D | M] [2007/05/02 17:21:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2007/02/17 20:15:57 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2006/10/22 23:24:32 | 000,091,768 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll [2006/01/28 01:57:22 | 000,139,305 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll [2006/01/28 01:56:18 | 000,081,967 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll O1 HOSTS File: ([2004/08/05 11:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll (SFR) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions) O2 - BHO: (ecouter-la-radio Toolbar) - {6e454792-2f36-46d3-bb20-4be949b6fb8a} - C:\Program Files\ecouter-la-radio\tbeco0.dll (Conduit Ltd.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (ecouter-la-radio Toolbar) - {6e454792-2f36-46d3-bb20-4be949b6fb8a} - C:\Program Files\ecouter-la-radio\tbeco0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\..\Toolbar\ShellBrowser: (&Liens) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\..\Toolbar\WebBrowser: (&Liens) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\..\Toolbar\WebBrowser: (ecouter-la-radio Toolbar) - {6E454792-2F36-46D3-BB20-4BE949B6FB8A} - C:\Program Files\ecouter-la-radio\tbeco0.dll (Conduit Ltd.) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CFSServ.exe] File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.) O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2391906574-2178107168-122006831-1006..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2391906574-2178107168-122006831-1006..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-2391906574-2178107168-122006831-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\NPJPI150_03.dll (Sun Microsystems, Inc.) O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Computer, Inc.) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.81,93.188.161.221 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-chargeur Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Démon de cache des catégories de composant - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Alma Linda\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alma Linda\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/09/16 07:37:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010/12/09 20:40:58 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: LanmanWorkstation - File not found NetSvcs: Messenger - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.LEAD - LCODCCMP.DLL File not found Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation) Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point (16902109354000384) ========== Files/Folders - Created Within 30 Days ========== [2010/12/10 12:38:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/12/10 12:38:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/12/10 12:38:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/12/10 12:35:58 | 000,000,000 | ---D | C] -- C:\22326 [2010/12/09 21:39:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alma Linda\Application Data\Malwarebytes [2010/12/09 21:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/12/09 20:50:00 | 000,000,000 | ---D | C] -- C:\tdsskiller [2010/12/09 20:40:58 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2010/12/09 20:32:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alma Linda\Local Settings\Application Data\Conduit [2010/12/09 19:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alma Linda\Mes documents\rapports [2010/12/09 10:32:04 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag [2010/11/29 11:13:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alma Linda\Mes documents\calendriermamy [2010/11/19 15:48:06 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2010/11/19 15:48:05 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2010/11/19 15:48:04 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2010/11/19 15:48:02 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2010/11/19 15:48:00 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2010/11/19 15:48:00 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2010/11/19 15:47:59 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2010/11/19 15:47:28 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2010/11/19 15:47:27 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/12/10 18:42:02 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/12/10 17:42:01 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/12/10 12:45:58 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/12/10 12:44:01 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2010/12/10 12:43:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/12/10 12:43:41 | 526,897,152 | -HS- | M] () -- C:\hiberfil.sys [2010/12/10 12:38:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/12/10 12:19:02 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010/12/09 20:55:19 | 000,096,512 | ---- | M] () -- C:\WINDOWS\System32\drivers\atapi.sys [2010/12/09 20:31:53 | 000,004,866 | ---- | M] () -- C:\UsbFix_Upload_Me_AMÉLINE.zip [2010/12/09 20:00:58 | 000,000,392 | ---- | M] () -- C:\Documents and Settings\Alma Linda\Bureau\regis.reg [2010/12/09 10:32:07 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk [2010/12/09 10:32:07 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk [2010/12/09 10:32:07 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk [2010/12/08 15:38:37 | 000,031,768 | ---- | M] () -- C:\Documents and Settings\Alma Linda\Application Data\wklnhst.dat [2010/12/04 15:25:38 | 000,057,839 | ---- | M] () -- C:\Documents and Settings\Alma Linda\Mes documents\2238_reglement.pdf [2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/11/21 08:49:08 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk [2010/11/20 13:04:03 | 000,280,064 | ---- | M] () -- C:\Documents and Settings\Alma Linda\Mes documents\article ouest fance isabelle.wps [2010/11/19 15:48:06 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk [2010/11/19 15:48:00 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/12/10 12:38:44 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/12/10 12:18:51 | 526,897,152 | -HS- | C] () -- C:\hiberfil.sys [2010/12/09 20:31:53 | 000,004,866 | ---- | C] () -- C:\UsbFix_Upload_Me_AMÉLINE.zip [2010/12/09 20:00:58 | 000,000,392 | ---- | C] () -- C:\Documents and Settings\Alma Linda\Bureau\regis.reg [2010/12/09 10:32:07 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk [2010/12/09 10:32:07 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk [2010/12/09 10:32:07 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk [2010/12/04 15:25:46 | 000,057,839 | ---- | C] () -- C:\Documents and Settings\Alma Linda\Mes documents\2238_reglement.pdf [2010/11/21 08:49:07 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk [2010/11/20 13:04:02 | 000,280,064 | ---- | C] () -- C:\Documents and Settings\Alma Linda\Mes documents\article ouest fance isabelle.wps [2010/11/19 15:48:06 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk [2009/07/31 20:40:48 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Alma Linda.ini [2008/03/28 12:16:50 | 000,016,081 | ---- | C] () -- C:\WINDOWS\German.ini [2007/06/07 19:04:10 | 000,000,299 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2007/04/23 17:36:01 | 000,007,441 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log [2007/04/16 20:11:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI [2007/03/25 21:40:06 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2007/03/25 21:40:06 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2006/05/13 14:52:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini [2006/02/01 12:14:57 | 000,218,624 | ---- | C] () -- C:\Documents and Settings\Alma Linda\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006/01/27 19:03:46 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI [2006/01/02 23:46:55 | 000,031,768 | ---- | C] () -- C:\Documents and Settings\Alma Linda\Application Data\wklnhst.dat [2006/01/01 18:04:49 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Alma Linda\Local Settings\Application Data\fusioncache.dat [2005/09/19 08:57:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005/09/19 08:51:02 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini [2005/09/16 10:09:32 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005/09/16 09:58:25 | 000,000,236 | ---- | C] () -- C:\WINDOWS\wininit.ini [2005/09/16 09:56:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2005/09/16 09:56:17 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2005/09/16 09:56:17 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2005/09/16 09:56:17 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2005/09/16 09:56:17 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2005/09/16 09:56:17 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2005/09/16 09:56:17 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2005/09/16 09:52:00 | 000,051,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys [2005/09/16 09:52:00 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys [2005/09/16 09:31:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI [2005/09/16 09:30:06 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005/09/16 09:26:53 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL [2005/09/16 09:17:42 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2005/09/16 09:12:19 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2005/09/16 09:12:19 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2005/09/16 09:12:19 | 000,010,177 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2005/09/16 09:12:19 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2005/09/16 07:41:34 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini [2005/09/16 07:23:44 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll [2005/09/16 07:23:44 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2005/08/11 03:02:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2005/08/02 09:39:44 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll [2005/06/20 09:24:48 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll [2005/06/13 08:11:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll [2005/06/06 08:44:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\SPCtl.dll [2005/06/06 08:39:40 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll [2004/12/02 14:20:16 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll [2004/09/22 09:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll [2004/08/03 23:59:44 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys [2004/07/20 16:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll [2004/01/15 13:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll [2004/01/14 02:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll [2003/07/29 14:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll ========== LOP Check ========== [2005/09/16 10:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\toshiba [2010/11/18 12:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2005/09/16 10:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba [2010/12/10 12:19:02 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > [2001/05/24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE < %ALLUSERSPROFILE%\Application Data\*. > [2010/10/13 07:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2010/11/18 12:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2010/07/24 13:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX [2009/01/02 14:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google [2010/12/09 21:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater [2007/10/22 15:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HP [2010/02/14 16:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kodak [2010/12/10 12:41:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2010/12/09 21:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2006/11/21 14:11:54 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2007/01/29 18:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Motive [2010/06/01 20:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS [2006/01/02 14:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime [2007/03/22 16:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real [2005/09/16 07:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI [2007/02/11 20:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec [2007/02/12 00:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage < %ALLUSERSPROFILE%\Application Data\*.exe /s > [2010/05/29 10:20:56 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe [2010/05/29 10:21:23 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe [2010/06/17 20:05:46 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe [2010/07/24 13:03:17 | 000,054,153 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe [2010/02/06 18:29:32 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe [2010/02/06 18:30:06 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe [2010/05/29 10:21:45 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe [2010/07/24 13:03:52 | 000,056,765 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe [2010/05/29 10:21:44 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe [2010/05/29 10:21:47 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe [2010/05/29 10:21:49 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe [2010/05/29 10:21:51 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe [2010/06/17 20:05:32 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe [2010/05/29 10:21:22 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe [2010/07/24 13:03:51 | 000,057,715 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe [2010/05/29 10:21:07 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe [2010/09/17 10:09:29 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe [2010/07/24 13:00:58 | 000,895,256 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe [2010/06/17 20:05:44 | 000,054,644 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe [2010/05/29 10:22:03 | 000,084,040 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe [2010/06/17 20:06:18 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe [2010/06/17 20:06:28 | 000,056,997 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe < %appdata% *.exe /s > < MD5 for: AGP440.SYS > [2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys [2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2008/11/19 15:50:20 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2008/11/19 15:50:20 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys [2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2008/11/19 15:50:20 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008/11/19 15:50:20 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004/08/05 11:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys [2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys [2010/12/09 20:55:19 | 000,096,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\atapi.sys < MD5 for: CDROM.SYS > [2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys [2004/08/05 11:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2008/11/19 15:50:20 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2008/11/19 15:50:20 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008/04/13 18:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004/08/05 11:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys < MD5 for: EVENTLOG.DLL > [2004/08/05 11:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll < MD5 for: EXPLORER.EXE > [2004/08/05 11:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe [2007/06/13 14:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe [2007/06/13 14:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe < MD5 for: NETLOGON.DLL > [2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll [2004/08/05 11:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: SCECLI.DLL > [2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll [2004/08/05 11:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll < MD5 for: USERINIT.EXE > [2004/08/05 11:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe < %systemroot%\*. /mp /s > < End of report > -
ordi qui déconne, aidez moi svp!
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
Encore moi, je voulais savoir est ce normal que rkill s'ouvre tout seul plusieurs fois depuis que je l'ai installé? merci. -
ordi qui déconne, aidez moi svp!
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
Bonjour, Merci pour votre aide! Voilà les nouvelles: j'ai essayé mbam en mode sans échec, toujours le même msg d'erreur... J'ai donc téléchargé Rkill, voici le rapport: This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Rkill was run on 10/12/2010 at 12:30:02. Operating System: Microsoft Windows XP Processes terminated by Rkill or while it was running: C:\WINDOWS\system32\rundll32.exe Rkill completed on 10/12/2010 at 12:30:06. J'ai ensuite désinstallé puis réinstallé mbam... ,réessayé de la lancer et c'est toujours pareil, le même message d'erreur.... Par ailleurs, en même temps que je vous écris, il y a cette maudite page de google analytic qui s'ouvre dans un autre onglet.... Que puis je faire maintenant? Merci d'avance -
ordi qui déconne, aidez moi svp!
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
Bonsoir, J'ai effectué toutes les manipulations indiquées, mais j'au un souci avec mbam Lorsque je lance les mises à jour, il y a un message d'erreur indiquant: une erreur s'est produite veuillez transmettre ce code d'erreur à notre équipe de support PROGRAM_ERROR_UPDATING 12007,0. WinHttpSendRequest" J'ai insisté plusieurs fois mais le même message s'affiche. J'ai donc stoppé là, que dois-faire???????? merci! sinon voici les rapports dans l'ordre: 1.²adremover scanner: ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 08/12/10 à 10:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 19:21:43 le 09/12/2010, Mode normal Microsoft Windows XP Édition familiale Service Pack 3 (X86) Alma Linda@AMÉLINE ( ) ============== RECHERCHE ============== Dossier trouvé: C:\Documents and Settings\Alma Linda\Local Settings\Application Data\Conduit Dossier trouvé: C:\Program Files\Conduit Dossier trouvé: C:\Documents and Settings\Alma Linda\Application Data\freeTVRadio Dossier trouvé: C:\Documents and Settings\Alma Linda\Application Data\EoRezo Dossier trouvé: C:\Documents and Settings\Administrateur\Application Data\EoRezo Dossier trouvé: C:\Program Files\EoRezo Dossier trouvé: C:\Documents and Settings\Alma Linda\Application Data\ItsLabel Clé trouvée: HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350} Clé trouvée: HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0} Clé trouvée: HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A} Clé trouvée: HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D} Clé trouvée: HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F} Clé trouvée: HKLM\Software\Classes\EoRezoBHO.EoBho Clé trouvée: HKLM\Software\Classes\EoRezoBHO.EoBho.1 Clé trouvée: HKLM\Software\Classes\Toolbar.CT2088315 Clé trouvée: HKLM\Software\EoRezo Clé trouvée: HKLM\Software\ItsLabel Clé trouvée: HKLM\Software\Conduit Clé trouvée: HKCU\Software\freeTVRadio Clé trouvée: HKCU\Software\EoRezo Clé trouvée: HKCU\Software\ItsLabel Clé trouvée: HKCU\Software\Conduit Clé trouvée: HKCU\Software\fcn Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EoRezo Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9} Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECB78231-F8B6-4f4f-BA47-F7B6078419FB} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoEngine_is1 ============== SCAN ADDITIONNEL ============== ** Internet Explorer Version [7.0.5730.11] ** [HKCU\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://g.msn.fr/0SEFRFR/SAOS02 Search Page: hxxp://home.microsoft.com/access/allinone.asp Show_ToolBar: yes Start Page: hxxp://www.ecosia.fr/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://www.trooner.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 09/12/2010 (2631 Octet(s)) Fin à: 19:24:01, 09/12/2010 ============== E.O.F ============== 2.ensuite adremover nettoyer: ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 08/12/10 à 10:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix C:\Program Files\Ad-Remover\main.exe (CLEAN [3]) -> Lancé à 19:32:30 le 09/12/2010, Mode normal Microsoft Windows XP Édition familiale Service Pack 3 (X86) Alma Linda@AMÉLINE ( ) ============== ACTION(S) ============== Dossier supprimé: C:\Documents and Settings\Alma Linda\Local Settings\Application Data\Conduit Dossier supprimé: C:\Program Files\Conduit Dossier supprimé: C:\Documents and Settings\Alma Linda\Application Data\freeTVRadio Dossier supprimé: C:\Documents and Settings\Alma Linda\Application Data\EoRezo Dossier supprimé: C:\Documents and Settings\Administrateur\Application Data\EoRezo Dossier supprimé: C:\Program Files\EoRezo Dossier supprimé: C:\Documents and Settings\Alma Linda\Application Data\ItsLabel (!) -- Fichiers temporaires supprimés. Clé supprimée: HKLM\Software\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350} Clé supprimée: HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0} Clé supprimée: HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A} Clé supprimée: HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D} Clé supprimée: HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F} Clé supprimée: HKLM\Software\Classes\EoRezoBHO.EoBho Clé supprimée: HKLM\Software\Classes\EoRezoBHO.EoBho.1 Clé supprimée: HKLM\Software\Classes\Toolbar.CT2088315 Clé supprimée: HKLM\Software\EoRezo Clé supprimée: HKLM\Software\ItsLabel Clé supprimée: HKLM\Software\Conduit Clé supprimée: HKCU\Software\freeTVRadio Clé supprimée: HKCU\Software\EoRezo Clé supprimée: HKCU\Software\ItsLabel Clé supprimée: HKCU\Software\Conduit Clé supprimée: HKCU\Software\fcn Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EoRezo Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9} Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECB78231-F8B6-4f4f-BA47-F7B6078419FB} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoEngine_is1 ============== SCAN ADDITIONNEL ============== ** Internet Explorer Version [7.0.5730.11] ** [HKCU\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 186 Fichier(s) C:\Program Files\Ad-Remover\Backup: 16 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 09/12/2010 (443 Octet(s)) C:\Ad-Report-CLEAN[2].txt - 09/12/2010 (443 Octet(s)) C:\Ad-Report-CLEAN[3].txt - 09/12/2010 (1003 Octet(s)) C:\Ad-Report-SCAN[1].txt - 09/12/2010 (3811 Octet(s)) Fin à: 19:35:13, 09/12/2010 ============== E.O.F ============== 3. usbfix: ############################## | UsbFix 7.035 | [Recherche] Utilisateur: Alma Linda (Administrateur) # AMÉLINE [ ] Mis à jour le 05/12/10 par El Desaparecido / C_XX Lancé à 20:06:05 | 09/12/2010 Site Web: TeamXscript : AD-Remover - FindyKill - UsbFix Contact: eldesaparecido@teamxscript.org CPU: Intel® Pentium® M processor 1.73GHz Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3 Internet Explorer 7.0.5730.11 Pare-feu Windows: Activé Antivirus: avast! Antivirus 5.0.83886757 [(!) Disabled | Updated] RAM -> 502 Mo C:\ (%systemdrive%) -> Disque fixe # 75 Go (9 Go libre(s) - 12%) [] # NTFS D:\ -> CD-ROM E:\ -> Disque amovible # 1008 Mo (2 Mo libre(s) - 0%) [] # FAT32 ################## | Éléments infectieux | ################## | Registre | ################## | Mountpoints2 | HKCU\.\.\.\.\Explorer\MountPoints2\E Shell\AutoRun\Command = E:\LaunchU3.exe -a HKCU\.\.\.\.\Explorer\MountPoints2\{ca790a01-c505-11db-b340-000fb0a80e27} Shell\Auto\Command = AdobeR.exe e Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné! ################## | E.O.F | 4. usbfix 2: ############################## | UsbFix 7.035 | [suppression] Utilisateur: Alma Linda (Administrateur) # AMÉLINE [ ] Mis à jour le 05/12/10 par El Desaparecido / C_XX Lancé à 20:22:35 | 09/12/2010 Site Web: TeamXscript : AD-Remover - FindyKill - UsbFix Contact: eldesaparecido@teamxscript.org CPU: Intel® Pentium® M processor 1.73GHz Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3 Internet Explorer 7.0.5730.11 Pare-feu Windows: Activé Antivirus: avast! Antivirus 5.0.83886757 [(!) Disabled | Updated] RAM -> 502 Mo C:\ (%systemdrive%) -> Disque fixe # 75 Go (9 Go libre(s) - 12%) [] # NTFS D:\ -> CD-ROM E:\ -> Disque amovible # 1008 Mo (2 Mo libre(s) - 0%) [] # FAT32 ################## | Éléments infectieux | Supprimé! C:\Recycler\S-1-5-21-2391906574-2178107168-122006831-1006 Supprimé! C:\Recycler\S-1-5-21-2391906574-2178107168-122006831-500 ################## | Registre | ################## | Mountpoints2 | Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\E Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{ca790a01-c505-11db-b340-000fb0a80e27} ################## | Listing | [05/12/2010 - 11:07:57 | D ] C:\98fecc3bad5b3f43c7 [16/06/2010 - 15:12:29 | DC ] C:\9c06c3ac0d4b7d6b29354c77b9 [09/12/2010 - 19:46:36 | C | 11165] C:\aaw7boot.log [09/05/2006 - 14:21:15 | N | 40] C:\Auth.prof [16/09/2005 - 07:37:55 | N | 0] C:\AUTOEXEC.BAT [05/05/2009 - 12:03:18 | N | 216] C:\boot.ini [05/08/2004 - 11:00:00 | N | 4952] C:\Bootfont.bin [21/11/2010 - 08:49:27 | D ] C:\Config.Msi [16/09/2005 - 07:37:55 | N | 0] C:\CONFIG.SYS [15/02/2010 - 10:57:42 | DC ] C:\divx [04/12/2010 - 21:31:50 | D ] C:\Documents and Settings [02/03/2006 - 12:17:31 | N | 55962] C:\EasyShare.dmp [09/12/2010 - 19:46:38 | ASH | 526897152] C:\hiberfil.sys [16/09/2005 - 07:44:07 | D ] C:\I386 [16/09/2005 - 07:37:55 | N | 0] C:\IO.SYS [16/09/2005 - 07:37:55 | N | 0] C:\MSDOS.SYS [05/08/2004 - 11:00:00 | N | 47564] C:\NTDETECT.COM [19/11/2008 - 16:00:32 | N | 252240] C:\ntldr [09/12/2010 - 19:46:36 | ASH | 792723456] C:\pagefile.sys [09/12/2010 - 19:43:26 | D ] C:\Program Files [09/12/2010 - 20:31:43 | SHD ] C:\RECYCLER [07/06/2007 - 19:18:30 | D ] C:\SIERRA [01/10/2010 - 10:17:24 | DC ] C:\spoolerlogs [16/09/2005 - 09:28:42 | D ] C:\SUPPORT [08/11/2005 - 08:21:22 | N | 237] C:\SWSTAMP.TXT [01/01/2006 - 18:03:34 | SHD ] C:\System Volume Information [25/01/2009 - 11:59:25 | DC ] C:\Temp [01/01/2006 - 18:03:10 | D ] C:\TOOLSCD [24/05/2001 - 12:59:30 | N | 162304] C:\UNWISE.EXE [09/12/2010 - 20:31:43 | DC ] C:\UsbFix [09/12/2010 - 20:31:44 | AC | 929] C:\UsbFix.txt [16/09/2005 - 09:42:50 | D ] C:\VALUEADD [09/12/2010 - 19:47:11 | D ] C:\WINDOWS [01/01/1995 - 01:00:00 | R | 44] D:\Track00.cda [29/05/2010 - 15:45:20 | D ] E:\LA POLLA [22/11/2009 - 21:26:42 | N | 6148] E:\.DS_Store [15/02/2010 - 15:24:52 | D ] E:\A GRAVER [07/02/2010 - 00:23:58 | N | 733120512] E:\Nos enfants nous accuserons - sorti nov 2008 - documentaire cantine scolaire Bio.avi [15/12/2007 - 15:44:16 | D ] E:\Recycled ################## | Vaccin | C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) E:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_AMÉLINE.zip Upload TeamXscript Merci de votre contribution. ################## | E.O.F | 5. tdsskiller: 2010/12/09 20:50:31.0156 TDSS rootkit removing tool 2.4.11.0 Dec 8 2010 14:46:40 2010/12/09 20:50:31.0156 ================================================================================ 2010/12/09 20:50:31.0156 SystemInfo: 2010/12/09 20:50:31.0156 2010/12/09 20:50:31.0156 OS Version: 5.1.2600 ServicePack: 3.0 2010/12/09 20:50:31.0156 Product type: Workstation 2010/12/09 20:50:31.0156 ComputerName: AMÉLINE 2010/12/09 20:50:31.0156 UserName: Alma Linda 2010/12/09 20:50:31.0156 Windows directory: C:\WINDOWS 2010/12/09 20:50:31.0156 System windows directory: C:\WINDOWS 2010/12/09 20:50:31.0156 Processor architecture: Intel x86 2010/12/09 20:50:31.0156 Number of processors: 1 2010/12/09 20:50:31.0156 Page size: 0x1000 2010/12/09 20:50:31.0156 Boot type: Normal boot 2010/12/09 20:50:31.0156 ================================================================================ 2010/12/09 20:50:31.0828 Initialize success 2010/12/09 20:51:47.0187 ================================================================================ 2010/12/09 20:51:47.0187 Scan started 2010/12/09 20:51:47.0187 Mode: Manual; 2010/12/09 20:51:47.0187 ================================================================================ 2010/12/09 20:51:51.0828 Aavmker4 (8d488938e2f7048906f1fbd3af394887) C:\WINDOWS\system32\drivers\Aavmker4.sys 2010/12/09 20:51:52.0703 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2010/12/09 20:51:53.0171 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 2010/12/09 20:51:54.0281 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2010/12/09 20:51:54.0781 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 2010/12/09 20:51:55.0437 AgereSoftModem (029e01cb2938bec5af31bf47b6af0159) C:\WINDOWS\system32\DRIVERS\AGRSM.sys 2010/12/09 20:51:56.0343 ALCXWDM (35045a23957a71ba649740741e69408c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 2010/12/09 20:51:57.0156 ApfiltrService (87ec3fdcaf6c5052e2e72b861dedd3d3) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys 2010/12/09 20:51:57.0312 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 2010/12/09 20:51:58.0546 aswFsBlk (a0d86b8ac93ef95620420c7a24ac5344) C:\WINDOWS\system32\drivers\aswFsBlk.sys 2010/12/09 20:51:58.0703 aswMon2 (7d880c76a285a41284d862e2d798ec0d) C:\WINDOWS\system32\drivers\aswMon2.sys 2010/12/09 20:51:58.0875 aswRdr (69823954bbd461a73d69774928c9737e) C:\WINDOWS\system32\drivers\aswRdr.sys 2010/12/09 20:51:59.0171 aswSP (7ecc2776638b04553f9a85bd684c3abf) C:\WINDOWS\system32\drivers\aswSP.sys 2010/12/09 20:51:59.0984 aswTdi (095ed820a926aa8189180b305e1bcfc9) C:\WINDOWS\system32\drivers\aswTdi.sys 2010/12/09 20:52:00.0296 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2010/12/09 20:52:00.0500 atapi (d75eda364302ec85ec5db9727fe07438) C:\WINDOWS\system32\DRIVERS\atapi.sys 2010/12/09 20:52:00.0546 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\atapi.sys. Real md5: d75eda364302ec85ec5db9727fe07438, Fake md5: 9f3a2f5aa6875c72bf062c712cfa2674 2010/12/09 20:52:00.0562 atapi - detected Rootkit.Win32.TDSS.tdl3 (0) 2010/12/09 20:52:01.0140 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2010/12/09 20:52:01.0265 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2010/12/09 20:52:01.0781 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2010/12/09 20:52:01.0906 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2010/12/09 20:52:02.0187 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2010/12/09 20:52:02.0671 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2010/12/09 20:52:02.0843 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2010/12/09 20:52:02.0984 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2010/12/09 20:52:03.0328 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 2010/12/09 20:52:03.0500 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 2010/12/09 20:52:04.0546 DCamUSBSQTECH (100ff3d9e16afb3163bd6f9aaaab7c55) C:\WINDOWS\system32\Drivers\SQcaptur.sys 2010/12/09 20:52:04.0875 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2010/12/09 20:52:05.0078 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys 2010/12/09 20:52:05.0328 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 2010/12/09 20:52:05.0437 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2010/12/09 20:52:06.0031 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2010/12/09 20:52:06.0281 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2010/12/09 20:52:06.0500 drvmcdb (96bc8f872f0270c10edc3931f1c03776) C:\WINDOWS\system32\drivers\drvmcdb.sys 2010/12/09 20:52:06.0828 drvnddm (5afbec7a6ac61b211633dfdb1d9e0c89) C:\WINDOWS\system32\drivers\drvnddm.sys 2010/12/09 20:52:07.0359 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2010/12/09 20:52:07.0765 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 2010/12/09 20:52:08.0312 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 2010/12/09 20:52:08.0546 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2010/12/09 20:52:08.0718 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 2010/12/09 20:52:09.0171 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2010/12/09 20:52:09.0343 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2010/12/09 20:52:09.0593 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2010/12/09 20:52:10.0125 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2010/12/09 20:52:10.0468 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 2010/12/09 20:52:10.0562 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 2010/12/09 20:52:11.0015 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 2010/12/09 20:52:11.0140 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 2010/12/09 20:52:11.0906 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2010/12/09 20:52:12.0171 ialm (240d0f5d7caafd87bd8d801a97bbe041) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 2010/12/09 20:52:12.0609 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2010/12/09 20:52:13.0093 IntelIde (4b6da2f0a4095857a9e3f3697399d575) C:\WINDOWS\system32\DRIVERS\intelide.sys 2010/12/09 20:52:13.0921 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2010/12/09 20:52:14.0187 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 2010/12/09 20:52:14.0531 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2010/12/09 20:52:14.0734 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2010/12/09 20:52:15.0250 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2010/12/09 20:52:15.0609 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2010/12/09 20:52:15.0781 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2010/12/09 20:52:16.0234 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2010/12/09 20:52:16.0531 Iviaspi (f59c3569a2f2c464bb78cb1bdcdca55e) C:\WINDOWS\system32\drivers\iviaspi.sys 2010/12/09 20:52:16.0718 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2010/12/09 20:52:16.0906 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2010/12/09 20:52:17.0015 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 2010/12/09 20:52:17.0390 Lavasoft Kernexplorer (32da3fde01f1bb080c2e69521dd8881e) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys 2010/12/09 20:52:18.0140 meiudf (7efac183a25b30fb5d64cc9d484b1eb6) C:\WINDOWS\system32\Drivers\meiudf.sys 2010/12/09 20:52:18.0312 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2010/12/09 20:52:18.0593 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 2010/12/09 20:52:18.0859 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2010/12/09 20:52:19.0078 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2010/12/09 20:52:19.0296 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2010/12/09 20:52:19.0609 MRENDIS5 (594b9d8194e3f4ecbf0325bd10bbeb05) C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS 2010/12/09 20:52:19.0906 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2010/12/09 20:52:20.0171 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2010/12/09 20:52:20.0437 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2010/12/09 20:52:20.0812 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2010/12/09 20:52:21.0062 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2010/12/09 20:52:21.0281 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2010/12/09 20:52:21.0406 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2010/12/09 20:52:21.0625 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 2010/12/09 20:52:22.0234 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2010/12/09 20:52:22.0734 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2010/12/09 20:52:22.0921 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2010/12/09 20:52:23.0250 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2010/12/09 20:52:23.0875 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2010/12/09 20:52:23.0984 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2010/12/09 20:52:24.0109 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 2010/12/09 20:52:24.0296 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2010/12/09 20:52:24.0765 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys 2010/12/09 20:52:25.0171 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 2010/12/09 20:52:25.0406 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2010/12/09 20:52:25.0687 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2010/12/09 20:52:25.0921 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2010/12/09 20:52:26.0062 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2010/12/09 20:52:26.0265 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2010/12/09 20:52:26.0453 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 2010/12/09 20:52:26.0531 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys 2010/12/09 20:52:26.0781 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2010/12/09 20:52:26.0906 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 2010/12/09 20:52:27.0015 PCASp50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\WINDOWS\system32\Drivers\PCASp50.sys 2010/12/09 20:52:27.0156 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 2010/12/09 20:52:27.0468 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 2010/12/09 20:52:27.0578 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 2010/12/09 20:52:28.0937 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys 2010/12/09 20:52:29.0250 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2010/12/09 20:52:29.0500 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2010/12/09 20:52:29.0812 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2010/12/09 20:52:30.0359 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys 2010/12/09 20:52:31.0437 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2010/12/09 20:52:31.0562 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2010/12/09 20:52:31.0687 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2010/12/09 20:52:31.0828 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2010/12/09 20:52:31.0937 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2010/12/09 20:52:32.0156 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2010/12/09 20:52:32.0359 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 2010/12/09 20:52:32.0703 RTL8023xp (7f0413bdd7d53eb4c7a371e7f6f84df1) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys 2010/12/09 20:52:33.0093 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 2010/12/09 20:52:33.0296 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys 2010/12/09 20:52:33.0484 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2010/12/09 20:52:33.0781 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys 2010/12/09 20:52:34.0046 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys 2010/12/09 20:52:34.0218 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys 2010/12/09 20:52:34.0390 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2010/12/09 20:52:34.0812 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2010/12/09 20:52:35.0046 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2010/12/09 20:52:35.0234 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 2010/12/09 20:52:35.0671 Srv (da852e3e0bf1cea75d756f9866241e57) C:\WINDOWS\system32\DRIVERS\srv.sys 2010/12/09 20:52:35.0875 SrvcSSIOMngr (79b7af340d55861df1d69e7bac975fcc) C:\WINDOWS\system32\Drivers\SSIoMngr.sys 2010/12/09 20:52:35.0968 sscdbhk5 (98625722ad52b40305e74aaa83c93086) C:\WINDOWS\system32\drivers\sscdbhk5.sys 2010/12/09 20:52:36.0109 ssrtln (d79412e3942c8a257253487536d5a994) C:\WINDOWS\system32\drivers\ssrtln.sys 2010/12/09 20:52:36.0234 StillCam (3f669c9fc6411bdbc0155544aa876e46) C:\WINDOWS\system32\DRIVERS\serscan.sys 2010/12/09 20:52:36.0343 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2010/12/09 20:52:36.0421 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2010/12/09 20:52:36.0484 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2010/12/09 20:52:36.0859 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2010/12/09 20:52:36.0968 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2010/12/09 20:52:37.0156 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys 2010/12/09 20:52:37.0265 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2010/12/09 20:52:37.0359 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2010/12/09 20:52:37.0562 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2010/12/09 20:52:37.0734 tfsnboio (d0177776e11b0b3f272eebd262a69661) C:\WINDOWS\system32\dla\tfsnboio.sys 2010/12/09 20:52:37.0750 tfsncofs (599804bc938b8305a5422319774da871) C:\WINDOWS\system32\dla\tfsncofs.sys 2010/12/09 20:52:37.0781 tfsndrct (a1902c00adc11c4d83f8e3ed947a6a32) C:\WINDOWS\system32\dla\tfsndrct.sys 2010/12/09 20:52:37.0890 tfsndres (e2260a2bb1b24526bfaa7df426b69b20) C:\WINDOWS\system32\dla\tfsndres.sys 2010/12/09 20:52:37.0953 tfsnifs (c4f2dea75300971cdaee311007de138d) C:\WINDOWS\system32\dla\tfsnifs.sys 2010/12/09 20:52:38.0031 tfsnopio (272925be0ea919f08286d2ee6f102b0f) C:\WINDOWS\system32\dla\tfsnopio.sys 2010/12/09 20:52:38.0171 tfsnpool (7b7d955e5cebc2fb88b03ef875d52a2f) C:\WINDOWS\system32\dla\tfsnpool.sys 2010/12/09 20:52:38.0281 tfsnudf (e3d01263109d800c1967c12c10a0b018) C:\WINDOWS\system32\dla\tfsnudf.sys 2010/12/09 20:52:38.0437 tfsnudfa (b9e9c377906e3a65bc74598fff7f7458) C:\WINDOWS\system32\dla\tfsnudfa.sys 2010/12/09 20:52:42.0656 tifm21 (0edc3cf7b38f4260eb006c38e4a44de4) C:\WINDOWS\system32\drivers\tifm21.sys 2010/12/09 20:52:43.0093 tosrfec (28c252f4311244a07b6dafc1fa0a2b0e) C:\WINDOWS\system32\DRIVERS\tosrfec.sys 2010/12/09 20:52:43.0265 TPwSav (f163e994d26c2b17fee748fa84fbdba5) C:\WINDOWS\system32\Drivers\TPwSav.sys 2010/12/09 20:52:43.0515 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys 2010/12/09 20:52:43.0812 Tvs (925b851b10eefece7ed6b9a1c8873135) C:\WINDOWS\system32\DRIVERS\Tvs.sys 2010/12/09 20:52:43.0921 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2010/12/09 20:52:44.0031 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2010/12/09 20:52:44.0140 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2010/12/09 20:52:44.0234 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2010/12/09 20:52:44.0328 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2010/12/09 20:52:44.0953 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2010/12/09 20:52:45.0015 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2010/12/09 20:52:45.0187 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2010/12/09 20:52:45.0218 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 2010/12/09 20:52:45.0281 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2010/12/09 20:52:45.0406 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 2010/12/09 20:52:45.0828 w29n51 (67caa926ef06e07f2d31056b39f51c54) C:\WINDOWS\system32\DRIVERS\w29n51.sys 2010/12/09 20:52:46.0125 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2010/12/09 20:52:46.0437 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2010/12/09 20:52:46.0937 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 2010/12/09 20:52:47.0156 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2010/12/09 20:52:47.0437 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2010/12/09 20:52:47.0484 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2010/12/09 20:52:48.0984 ================================================================================ 2010/12/09 20:52:48.0984 Scan finished 2010/12/09 20:52:48.0984 ================================================================================ 2010/12/09 20:52:49.0000 Detected object count: 1 2010/12/09 20:53:13.0546 atapi (d75eda364302ec85ec5db9727fe07438) C:\WINDOWS\system32\DRIVERS\atapi.sys 2010/12/09 20:53:13.0546 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\atapi.sys. Real md5: d75eda364302ec85ec5db9727fe07438, Fake md5: 9f3a2f5aa6875c72bf062c712cfa2674 2010/12/09 20:53:22.0906 Backup copy not found, trying to cure infected file.. 2010/12/09 20:53:22.0906 Cure success, using it.. 2010/12/09 20:53:22.0984 C:\WINDOWS\system32\DRIVERS\atapi.sys - will be cured after reboot 2010/12/09 20:53:22.0984 Rootkit.Win32.TDSS.tdl3(atapi) - User select action: Cure 2010/12/09 20:53:36.0156 Deinitialize success voilà, c'est tout pour le moment en attendant de recevoir une réponse pour savoir que faire avec mbam. cordialement -
ordi qui déconne, aidez moi svp!
aie a répondu à un(e) sujet de aie dans Analyses et éradication malwares
Voilà un sacré programme!!! Je me lance ce soir et finirais probablement demain, je voulais juste savoir à quel moment je dois reactiver la protection résidente de mon antivirus??? Merci encore.