Hello,
First of all, congratulations on the ZHP tool suite. Many disinfection utilities that served well in the past have become obsolete (HijackThis, Spybot...). I must be obsolete too, since this is the first time I have asked for help (I have put my pride in the freezer and sent my ego out for a walk until the disinfection is done).
So here it is:
- svchost runs wild at times, without my having time to trace it back to the service.
- after running ComboFix in safe mode, it is impossible to open anything, or even to stop a process.
- some processes are hidden (see screenshot): the sum of the per-process CPU usage percentages < the overall total for all users.
- the logins in the macros (iOpus txt files, Firefox extension) that I used to connect and check my e-mail have been truncated after the "@" of my address.
- the mail access passwords seem to have been changed (I did not insist before disinfection).
Thanks again for your acts of solidarity.
Below is the ZHPDiag report, then ComboFix (probably useless):
Rapport de ZHPDiag v1.28.1321 par Nicolas Coolman, Update du 09/08/2011
Run by Patouche at 11/08/2011 10:54:23
Web site : ZHPDiag Outil de diagnostic
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
MFIE: Mozilla Firefox 5.0 v5.0
---\\ Windows Product Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : X7QB8
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 141 GB (38%) free of 365 GB
---\\ Logged in mode
~ Computer Name: ORDIPOUNET
~ User Name: Patouche
~ All Users Names: UpdatusUser, Patouche, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Patouche\AppData\Roaming\
~ %Desktop% : C:\Users\Patouche\Desktop\
~ %Favorites% : C:\Users\Patouche\Favorites\
~ %LocalAppData% : C:\Users\Patouche\AppData\Local\
~ %StartMenu% : C:\Users\Patouche\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 141 Go of 365 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 32 Go of 99 Go)
F:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 2 Go)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ CD-ROM drive (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.07/08/2011 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.07/08/2011 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.07/08/2011 - 08:33:37.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/08/2011 - 11:24:46.) -- C:\Windows\system32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.07/08/2011 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.30/01/2011 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.30/01/2011 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.30/01/2011 - 08:34:10.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 4/516
~ Mes musiques (My Musics) : 50/2308
~ Mes Videos (My Videos) : 1/142
~ Mes Favoris (My Favorites) : 2/22
~ Mes Documents (My Documents) : 78/11526
~ Mon Bureau (My Desktop) : 616/9847
~ Menu demarrer (Programs) : 6/68
~ Scan Hidden Files in 00mn 12s
---\\ Processus lancés
[MD5.04DB1E60FBFB9A77AF16238A209C2CDD] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [373864]
[MD5.CCC08DE1286571175A75A56563C37715] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4706304]
[MD5.895E17BFF96D3114FD19CEC65A0E749E] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2554696]
[MD5.E1E2D028E40D58FFF8DC88514E858117] - (.Lexmark International, Inc. - Lexmark 1200 Series Button Manager.) -- C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe [74672]
[MD5.1727CE551D69F0DF0BF98FA20DD8D92E] - (.cFos Software GmbH - cFosSpeed Window.) -- C:\Program Files\cFosSpeed\cfosspeed.exe [881368]
[MD5.5D0F2626553613B22AF1BF709DD84148] - (.tzuk - Sandboxie Control.) -- C:\Program Files\Sandboxie\SbieCtrl.exe [389120]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952]
[MD5.BDD713D351F065E20F12865B8CFD956D] - (.MagicISO, Inc. - MagicISO Virtual CD/DVD Manager.) -- C:\Program Files\MagicDisc\MagicDisc.exe [575488]
[MD5.4560FD06FD052712525EB088F58C103C] - (.Lexmark International, Inc. - Lexmark 1200 Series Button Monitor.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe [58288]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]
[MD5.DD0CC1613101093AAB0E99C24B207883] - (...) -- C:\Program Files\Hotspot Shield\bin\openvpntray.exe [129352]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472]
[MD5.061CBB1058A10C0875D18CAFF835AE97] - (.Microsoft Corporation - Hôte des applications HTML de Microsoft®.) -- C:\Windows\System32\mshta.exe [11776]
[MD5.59161195EA070A0BB8A85B5B99D8F643] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\ccleaner.exe [2585408]
[MD5.6C9CD3ECBA6732661C8BBE37A877A2BD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.16B28217497C9F1A70CA0A0D53FA04AC] - (.Nicolas Coolman - Analyseur de rapports sécurité.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe [893440]
[MD5.C354A712DCCA3E4AC3C4B8C6A9BD28A0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064]
[MD5.7C732AFF202DCD06C3D262966D71604C] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 275.3.) -- C:\Windows\system32\nvvsvc.exe [615528]
[MD5.43F37E8F60F3677E84C6AFC70C784AFD] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1793712]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896]
[MD5.3D36332478EF0026439D8AD4471E800C] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [839272]
[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [64952]
[MD5.47ABD3DC72929F42329D397151A9A6FA] - (.cFos Software GmbH - cFosSpeed Service.) -- C:\Program Files\cFosSpeed\spd.exe [390872]
[MD5.27CB54C0346EFD7B0536B0CB610131AE] - (...) -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe [298824]
[MD5.2CFEA9C337B699ACA38487E8A7438F35] - (.AnchorFree Inc. - Pas de description.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [363336]
[MD5.564BAB77CD96CE0E3FD5BBCDDED142DF] - (...) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe [329544]
[MD5.FA88D61278C6B73D50EC441FBD91D1FC] - (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\lxczcoms.exe [537520]
[MD5.D07C9575726797B0E9069E1108A1C483] - (.Microsoft Corporation - SQL Server Windows NT.) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224]
[MD5.D701C5A242C31D018375459E1373FE22] - (.tzuk - Sandboxie Service.) -- C:\Program Files\Sandboxie\SbieSvc.exe [66560]
[MD5.54902536AAD0E9B99BC65F89C0CAF93F] - (.Microsoft Corporation - SQL Server VSS Writer.) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [89968]
[MD5.B1691AF4A072CB674D600DB16DD7308E] - (.Rocket Division Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968]
[MD5.A2ABC52CD8A5B60262B220A17A92EB31] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [378472]
[MD5.52B1899DF89DFFFC9C94F2214459C386] - (.TuneUp Software - TuneUp Program Statistics Service.) -- C:\Windows\System32\TUProgSt.exe [603904]
[MD5.5A0C788C5BC5F2C993CB60940ADCF95E] - (.X10 - X10 Module.) -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480]
[MD5.AD1870C8E5D6DD340C829E6074BF3C3F] - (.Microsoft Corporation - Service de planification Windows Media Cent.) -- C:\Windows\ehome\ehsched.exe [131072]
[MD5.9BE3744D295A7701EB425332014F0797] - (.Microsoft Corporation - Service de réception Windows Media Center.) -- C:\Windows\ehome\ehRecvr.exe [292352]
[MD5.262D2FBF211A88DCB84249DF0F6EF6E7] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504]
[MD5.B41FD804F2A6A86DA95C05632FD98117] - (...) -- C:\Program Files\Hotspot Shield\bin\openvpn.exe [609096]
~ Scan Processes Running in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Patouche\AppData\Roaming\Mozilla\Firefox\Profiles\pycqkpj7.default\prefs.js
M3 - MFPP: Plugins - [Patouche] -- C:\Users\Patouche\AppData\Roaming\Mozilla\Firefox\Profiles\pycqkpj7.default\searchplugins\aeromp3com.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Users\Patouche\AppData\Roaming\Mozilla\Firefox\Profiles\pycqkpj7.default\searchplugins\beemp3.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Users\Patouche\AppData\Roaming\Mozilla\Firefox\Profiles\pycqkpj7.default\searchplugins\mozilla-add-ons.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Users\Patouche\AppData\Roaming\Mozilla\Firefox\Profiles\pycqkpj7.default\searchplugins\mp3-downloads.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Users\Patouche\AppData\Roaming\Mozilla\Firefox\Profiles\pycqkpj7.default\searchplugins\search-tinysubs.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Program Files\Mozilla FireFox\searchplugins\privatesearch.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Patouche] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\chmfox@zhuoqiang.me] [] ChmFox v1.2 (.ZHUO Qiang.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\engine@conduit.com] [] Conduit Engine v3.3.3.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\https-everywhere@eff.org] [] HTTPS-Everywhere v1.0.0 (.Mike Perry & Peter Eckersley.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\max@subfighter.com] [] Flash Video Resources Downloader v1.0.3 (.Max Demian.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\{3eaacb33-878f-44fa-b4cd-6e67cbaf828b}] [] Unofficial Google Translate Firefox extension v1.4 (.Jimmy Ruska.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}] [] ChatZilla v0.9.87 (.The ChatZilla Team.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\{6e098d65-7d2d-46d4-ada0-2f882a29f795}] [] CHM Reader v0.2.3 (.Ling Li.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\{71328583-3CA7-4809-B4BA-570A85818FBB}] [cacheviewer] CacheViewer v0.6.3 (.The Tiny BENKI.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}] [] iMacros for Firefox v7.3.0.0 (.iMacros Team, iOpus Software GmbH.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\{9815d32d-08c2-42ca-a8c6-43e501a4512f}] [] Tor-Proxy.NET Toolbar v0.3.3 (.Tor-Proxy.NET.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20110704 (.WOT Services Oy.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.4 (.Michel Gutierrez.)
M2 - MFEP: prefs.js [Patouche - pycqkpj7.default\{e3868d2c-9a68-4c4a-87f2-4e9d78fd16ee}] [] v (.Avindra+Descriptor+Goolcharan+#avg+LESENUSpageURL></em:homepageURL><em:targetApplication><Description><em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id><e
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0009.1.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [Adobe Acrobat] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} . (.Conduit Ltd. - Conduit Toolbar.) (5, 3, 4, 2) -- C:\Program Files\Hotspot_Shield\tbHots.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} . (.Conduit Ltd. - Conduit Toolbar.) (5, 3, 4, 2) -- C:\Program Files\Hotspot_Shield\tbHots.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 204.73.37.113:80
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 04s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Hotspot_Shield\tbHots.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} . (...) -- C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Hotspot_Shield\tbHots.dll
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
O4 - HKLM\..\Run: [lxczbmgr.exe] . (.Lexmark International, Inc. - Lexmark 1200 Series Button Manager.) -- C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
O4 - HKLM\..\Run: [cFosSpeed] . (.cFos Software GmbH - cFosSpeed Window.) -- C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKCU\..\Run: [sandboxieControl] . (.tzuk - Sandboxie Control.) -- C:\Program Files\Sandboxie\SbieCtrl.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2824818794-2576243679-2939498363-1004-2824818794-2576243679-2939498363-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2824818794-2576243679-2939498363-1004-2824818794-2576243679-2939498363-1000\..\Run: [WindowsWelcomeCenter] oobefldr.dll
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Run XP Repair Pro 4.0.lnk . (.DDX SOFTWARE INC.) -- C:\Program Files\XP Repair Pro 4.0\ControlCenter.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk . (...) -- C:\Users\Patouche\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Patouche\Desktop\Bureau XP(D).lnk . (...) -- D:\Documents and Settings\Pounet\Bureau
O4 - Global Startup: C:\Users\Patouche\Desktop\CyberLink WaveEditor.lnk . (.Cyberlink.) -- C:\Program Files\CyberLink\WaveEditor\WaveEditor.exe
O4 - Global Startup: C:\Users\Patouche\Desktop\Downloads - Raccourci.lnk . (...) -- C:\Downloads
O4 - Global Startup: C:\Users\Patouche\Desktop\IRAssistant.lnk . (...) -- C:\Program Files\IRAssistant\IRAssistant.exe
O4 - Global Startup: C:\Users\Patouche\Desktop\Restart Explorer.bat - Raccourci.lnk . (...) -- C:\Windows\Restart Explorer.bat
O4 - Global Startup: C:\Users\Patouche\Desktop\www - Raccourci.lnk . (...) -- C:\wamp\www
O4 - Global Startup: C:\Users\Patouche\Desktop\µpdater.lnk . (...) -- C:\Users\Patouche\AppData\Roaming\uTorrent\IP filter µpdater.bat
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ StreamTransport.lnk . (...) -- C:\Program Files\StreamTransport\StreamTransport.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\binload.exe - Raccourci.lnk . (.Binload.) -- C:\Program Files\Binload\binload.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Charon.exe - Raccourci.lnk . (...) -- C:\Users\Patouche\Logiciels vrac\charon\Charon.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DFD.exe - Raccourci.lnk . (.Key Metric Software, LLC..) -- C:\Program Files\Key Metric Software\Duplicate File Detective 4\DFD.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVR-MS 2 MPEG2.lnk . (...) -- C:\Program Files\DVR-MS 2 MPEG2\DVR-MS 2 MPEG2.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\frd.exe - Raccourci.lnk . (.Vity.) -- C:\Users\Patouche\Logiciels vrac\FreeRapid-0.85u1-final\frd.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk . (.FreeDownloadManager.ORG.) -- C:\Program Files\Free Download Manager\fdm.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IsoBuster.lnk . (.Smart Projects.) -- C:\Program Files\Smart Projects\IsoBuster\IsoBuster.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MantraPortable.exe - Raccourci.lnk . (.PortableApps.com.) -- C:\Users\Patouche\Logiciels vrac\MantraPortable\MantraPortable.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\mediacoder.exe - Raccourci.lnk . (.Stanley Huang.) -- C:\Program Files\MediaCoder\mediacoder.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\notepad - Raccourci.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\notepad.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\paltalk.exe - Raccourci.lnk . (.AVM Software Inc..) -- C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ProxyFirewall.lnk . (.Unique Internet Services.) -- C:\Program Files\ProxyFirewall\ProxyFirewall.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuarkXPress.exe - Raccourci.lnk . (.Quark, Inc..) -- C:\Program Files (x86)\Quark\QuarkXPress 9\QuarkXPress.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QUICKMEDIACONVERTER.lnk . (.Actecom.) -- C:\Program Files\QuickMediaConverter\QMC.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Run XP Repair Pro 4.0.lnk . (.DDX SOFTWARE INC.) -- C:\Program Files\XP Repair Pro 4.0\ControlCenter.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\RVCap.exe - Raccourci.lnk . (.All Alex, Inc..) -- C:\Program Files\Replay Video Capture\RVCap.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Snagit32.exe - Raccourci.lnk . (.TechSmith Corporation.) -- C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Start Tor Browser.exe - Raccourci.lnk . (...) -- C:\Users\Patouche\Logiciels vrac\Tor Browser\Start Tor Browser.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SUPERAntiSpyware Free Edition.lnk . (.SUPERAntiSpyware.com.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Super_macro.exe - Raccourci.lnk . (...) -- C:\Program Files\Super macro\Super_macro.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\swriter.exe - Raccourci.lnk . (.OpenOffice.org.) -- C:\Program Files\OpenOffice.org 3\program\swriter.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TMAC.exe - Raccourci.lnk . (.Technitium.) -- C:\Program Files\Technitium\TMACv5.0R3\TMAC.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Total Video Converter.lnk . (...) -- C:\Program Files\Total Video Converter\tvc.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Transmiti.exe - Raccourci.lnk . (.Thomas Arlt.) -- C:\Users\Patouche\Downloads\Transmiti.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TuneUp Maintenance en 1 clic.lnk . (.TuneUp Software GmbH.) -- C:\Program Files\TuneUp Utilities 2009\OneClick.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TVO.exe - Raccourci.lnk . (...) -- C:\Users\Patouche\Logiciels vrac\TVO\TVO.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\universalis2011.exe - Raccourci.lnk . (...) -- C:\Program Files\Encyclopaedia Universalis 2011\Encyclopaedia Universalis 2011\universalis2011.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VLC media player.lnk . (...) -- C:\Program Files\VideoLAN\VLC\vlc.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WampServer.lnk . (.Aestan Software.) -- C:\wamp\wampmanager.exe
O4 - Global Startup: C:\Users\Patouche\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files\uTorrent\uTorrent.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Ajouter au fichier PDF existant . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll
O8 - Extra context menu item: Ajouter le contenu des liens sélectionnés à un fichier PDF existant . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll
O8 - Extra context menu item: Ajouter le contenu du lien à un fichier PDF existant . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll
O8 - Extra context menu item: Créer des fichiers PDF à partir des liens sélectionnés . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll
O8 - Extra context menu item: Créer fichier PDF . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll
O8 - Extra context menu item: Créer un fichier PDF depuis le contenu du lien . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dlfvideo.htm
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} . (.AVM Software Inc. - PaltalkScene.) -- C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.AVM Software Inc. - PaltalkScene.) -- C:\Program Files\Paltalk Messenger\Paltalk.exe
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{98517776-CBB5-4511-B979-43A90479F5B9}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0640846-9E80-45B2-A6D5-7F8D6BBE1E07}: DhcpNameServer = 10.71.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9E32B22-CA08-4CE2-A3C9-38C89F6E1EF0}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0640846-9E80-45B2-A6D5-7F8D6BBE1E07}: DhcpDomain = hshld.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{3854B5DC-253B-4105-9612-5BF96795E62B}: DhcpNameServer = 86.64.145.143 84.103.237.143
O17 - HKLM\System\CS2\Services\Tcpip\..\{98517776-CBB5-4511-B979-43A90479F5B9}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS2\Services\Tcpip\..\{B0640846-9E80-45B2-A6D5-7F8D6BBE1E07}: DhcpNameServer = 10.71.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F9E32B22-CA08-4CE2-A3C9-38C89F6E1EF0}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS2\Services\Tcpip\..\{B0640846-9E80-45B2-A6D5-7F8D6BBE1E07}: DhcpDomain = hshld.com
O17 - HKLM\System\CS3\Services\Tcpip\..\{98517776-CBB5-4511-B979-43A90479F5B9}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS3\Services\Tcpip\..\{B0640846-9E80-45B2-A6D5-7F8D6BBE1E07}: DhcpNameServer = 10.71.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{F9E32B22-CA08-4CE2-A3C9-38C89F6E1EF0}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS3\Services\Tcpip\..\{B0640846-9E80-45B2-A6D5-7F8D6BBE1E07}: DhcpDomain = hshld.com
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
~ Scan Winlogon in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.COMODO - COMODO Internet Security.) - C:\Windows\System32\guard32.dll
~ Scan AppInit DLL in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) . (.cFos Software GmbH - cFosSpeed Service.) - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) . (...) - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) . (.AnchorFree Inc. - Pas de description.) - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (...) - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: lxcz_device (lxcz_device) . (.Pas de propriétaire - Printer Communication System.) - C:\Windows\system32\lxczcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 275.3.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Sandboxie Service (SbieSvc) . (.tzuk - Sandboxie Service.) - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) . (.Rocket Division Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: C:\Windows\System32\TUProgSt.exe (TuneUp.ProgramStatisticsSvc) . (.TuneUp Software - TuneUp Program Statistics Service.) - C:\Windows\System32\TUProgSt.exe
O23 - Service: X10 Device Network Service (x10nets) . (.X10 - X10 Module.) - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
[MD5.5467F1FF0AF264566740F67E8B810735] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.3A0647BDED81DBE0BCBB51D70B22C9E0] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files\Java\jre6\bin\jusched.exe
[MD5.402832B3EEAB32E9AEB809FF7D8C3A8D] [APT] [Maintenance en 1 clic] (.TuneUp Software GmbH.) -- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
[MD5.00000000000000000000000000000000] [APT] [{094B910C-CC8B-4FB2-ABFD-4336C5DFBB9F}] (...) -- C:\Users\Patouche\Logiciels vrac\FreeRapid-0.83u1\frd.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{24E6F6C5-4BD8-4BFA-A1E4-F61FE7DE84B1}] (...) -- C:\Program Files\Cepstral\bin\ceptools.cpl" (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{3EF3CCB3-DD96-4699-B35D-2C5E220C18E7}] (...) -- C:\Users\Patouche\Desktop\Voix\AV Music Morpher Gold Full 4.0.68 + keygen\music_morpher_gold.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{48631814-5C7F-4619-94C0-90BAEAF8CE19}] (...) -- c:\users\Patouche\Documents\Transfert Maxtor 40\Documents Pounet\Bureau\Tof\Install_AACD_v3.exe (.not file.)
[MD5.108FCDE8AC9CF07C55CF19D7302DCCC8] [APT] [{A92A4ABD-EBBA-44EE-8E33-C7796BA785DE}] (...) -- C:\Users\Patouche\Logiciels vrac\VirtualDub 1.9.8\auxsetup.exe
[MD5.00000000000000000000000000000000] [APT] [{BC3EC294-1DD7-4F82-9523-21FF037ACA8B}] (...) -- C:\Users\Patouche\Desktop\Voix\AV Music Morpher Gold Full 4.0.68 + keygen\music_morpher_gold.exe (.not file.)
[MD5.D41D8CD98F00B204E9800998ECF8427E] [APT] [{EDC46986-AB54-4ECF-8516-9A8266253420}] (...) -- C:\Program Files\QuickTime\QTSystem\QuickTime.cpl"
~ Scan Scheduled Task in 00mn 02s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: (cmderd) . (.COMODO - COMODO Internet Security Eradication Driver.) - C:\Windows\system32\DRIVERS\cmderd.sys
O41 - Driver: (cmdGuard) . (.COMODO - COMODO Internet Security Sandbox Driver.) - C:\Windows\system32\DRIVERS\cmdguard.sys
O41 - Driver: (cmdHlp) . (.COMODO - COMODO Internet Security Helper Driver.) - C:\Windows\system32\DRIVERS\cmdhlp.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (inspect) . (.COMODO - COMODO Internet Security Firewall Driver.) - C:\Windows\system32\DRIVERS\inspect.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys
O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\system32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (Inspect) . (.COMODO - COMODO Internet Security Firewall Driver.) - C:\Windows\system32\DRIVERS\inspect.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: CyberLink WaveEditor - (.CyberLink Corp..) [HKLM] -- InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}
O42 - Logiciel: CyberLink WaveEditor - (.CyberLink Corp..) [HKLM] -- {324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}
O42 - Logiciel: DVR-MS 2 MPEG2 1.3 - (.*Baby*.) [HKLM] -- {414CB829-7CCC-4426-BB2A-152E482EB081}_is1
O42 - Logiciel: DebugMode Wink - (.Pas de propriétaire.) [HKLM] -- DebugMode Wink
O42 - Logiciel: DivX Pro 6.8.0 VFW - (.Pas de propriétaire.) [HKLM] -- divx650vfw_is1
O42 - Logiciel: Dracula 3 - (.Microids.) [HKLM] -- Dracula 3_is1
O42 - Logiciel: Dungeon Siege 2 - (.Microsoft.) [HKLM] -- DungeonSiege2
O42 - Logiciel: EASEUS Partition Master 8.0.1 Home Edition - (.EASEUS.) [HKLM] -- EASEUS Partition Master Home Edition_is1
O42 - Logiciel: Encyclopaedia Universalis 2011 - (.Encyclopaedia Universalis.) [HKLM] -- Encyclopaedia Universalis 2011
O42 - Logiciel: Free Download Manager 3.0 - (.FreeDownloadManager.ORG.) [HKLM] -- Free Download Manager_is1
O42 - Logiciel: GameSpy Arcade - (.Pas de propriétaire.) [HKLM] -- GameSpy Arcade
O42 - Logiciel: HFSExplorer 0.21 - (.Catacombae Software.) [HKLM] -- HFSExplorer
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotspot_Shield Toolbar - (.Pas de propriétaire.) [HKLM] -- Hotspot_Shield Toolbar
O42 - Logiciel: I-Doser v4 - (.Pas de propriétaire.) [HKCU] -- I-Doser v4
O42 - Logiciel: IRAssistant 3.40b1 - (.Pas de propriétaire.) [HKLM] -- IRAssistant
O42 - Logiciel: IsoBuster 2.6 - (.Smart Projects.) [HKLM] -- IsoBuster_is1
O42 - Logiciel: KB408682 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81300000003}_814
O42 - Logiciel: Lexmark 1200 Series - (.Lexmark International, Inc..) [HKLM] -- Lexmark 1200 Series
O42 - Logiciel: LimeWire 5.2.4 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MSDN Library pour les éditions Microsoft Visual Studio 2008 Express - (.Microsoft Corporation.) [HKLM] -- MSDN Library for Microsoft Visual Studio 2008 Express Editions
O42 - Logiciel: Magic ISO Maker v5.4 (build 0255) - (.Pas de propriétaire.) [HKLM] -- Magic ISO Maker v5.4 (build 0255)
O42 - Logiciel: MagicDisc 2.7.105 - (.Pas de propriétaire.) [HKLM] -- MagicDisc 2.7.105
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: MediaCoder 2011 - (.Broad Intelligence.) [HKLM] -- MediaCoder
O42 - Logiciel: MeuhMeuhTV Alpha 3.0.0.32 - (.La Communauté de la Vache.) [HKLM] -- MeuhMeuhTV Alpha_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft SQL Server 2005 - (.Microsoft Corporation.) [HKLM] -- Microsoft SQL Server 2005
O42 - Logiciel: Microsoft Visual Basic 2008 Express - Français - (.Microsoft Corporation.) [HKLM] -- Microsoft Visual Basic 2008 Express Edition - FRA
O42 - Logiciel: Mises à jour NVIDIA 1.3.5 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Morpheus Photo Animation Suite v3.10 - (.Morpheus Software, LLC.) [HKLM] -- Morpheus Photo Animation Suite_is1
O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr)
O42 - Logiciel: Mozilla Thunderbird (2.0.0.23) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (2.0.0.23)
O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA StereoUSB Driver
O42 - Logiciel: NVIDIA 3D Vision Controller Driver 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA Pilote 3D Vision 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.22.1 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote graphique 275.33 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo
O42 - Logiciel: Natura Sound Therapy - (.Blissive Software.) [HKLM] -- Natura Sound Therapy
O42 - Logiciel: Nero 9 - (.Nero AG.) [HKLM] -- {734cc1bd-77bc-4b44-a028-1dc68def1d95}
O42 - Logiciel: PaltalkScene - (.AVM Software Inc..) [HKLM] -- PalTalk8.2
O42 - Logiciel: Perfect Uninstaller v6.3.3.5 - (.www.PerfectUninstaller.com.) [HKLM] -- Perfect Uninstaller_is1
O42 - Logiciel: Player - (.Pas de propriétaire.) [HKCU] -- QUICKMEDIACONVERTER
O42 - Logiciel: ProxyFirewall 1.0.4 Beta - (.Unique Internet Services.) [HKLM] -- ProxyFirewall_is1
O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM] -- QuickPar
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Reason 4.0 - (.Propellerhead Software AB.) [HKLM] -- Reason4_is1
O42 - Logiciel: Replay Video Capture - (.Applian Technologies Inc..) [HKLM] -- Replay Video Capture4.1
O42 - Logiciel: Sandboxie 3.42 - (.Pas de propriétaire.) [HKLM] -- Sandboxie
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM] -- InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: StreamTransport version: 1.0.2.1975 - (.Pas de propriétaire.) [HKLM] -- {FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1
O42 - Logiciel: SubDownloader2 - (.Pas de propriétaire.) [HKLM] -- SubDownloader2
O42 - Logiciel: Super macro 3.1 - (.Pas de propriétaire.) [HKLM] -- Super macro
O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.) [HKLM] -- SystemRequirementsLab
O42 - Logiciel: Technitium MAC Address Changer v5.0 Release 3 - (.Technitium.) [HKLM] -- TMACv5.0R3
O42 - Logiciel: Total Recorder 7.0 - (.Pas de propriétaire.) [HKLM] -- TotalRecorder
O42 - Logiciel: Total Video Converter 3.12 080330 - (.EffectMatrix Inc..) [HKLM] -- Total Video Converter 3.12_is1
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WampServer 2.1 - (.Hervé Leclerc (HeL).) [HKLM] -- WampServer 2_is1
O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: X10 Hardware - (.Pas de propriétaire.) [HKLM] -- X10Hardware
O42 - Logiciel: Xvid 1.2.2 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM] -- Yahoo! Messenger
O42 - Logiciel: ZebHelpProcess 2.49 - (.Nicolas Coolman.) [HKLM] -- Zeb Help Process_is1
O42 - Logiciel: cFosSpeed v4.51 - (.cFos Software GmbH, Bonn.) [HKLM] -- cFosSpeed
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKCU] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AACD]
[HKCU\Software\Actecom]
[HKCU\Software\Adobe]
[HKCU\Software\Alcohol Soft]
[HKCU\Software\Antenet]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Hotspot_Shield]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Applian]
[HKCU\Software\AsfTools]
[HKCU\Software\Avnex]
[HKCU\Software\Bert's Software]
[HKCU\Software\Beyersdorf]
[HKCU\Software\BitTorrent]
[HKCU\Software\Borland]
[HKCU\Software\C:]
[HKCU\Software\CDDB]
[HKCU\Software\CamStudioOpenSource for Nick]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ComodoGroup]
[HKCU\Software\Comodo]
[HKCU\Software\Cyberlink]
[HKCU\Software\Cygwin]
[HKCU\Software\Debugmode]
[HKCU\Software\DirectShow]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EASEUS]
[HKCU\Software\EasyBits]
[HKCU\Software\FLEXnet]
[HKCU\Software\Foxit Software]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Freeware]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\GameSpy]
[HKCU\Software\Google]
[HKCU\Software\Hensense.com]
[HKCU\Software\HighCriteria]
[HKCU\Software\HotspotShield]
[HKCU\Software\Intel]
[HKCU\Software\Intelore]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JaboSoft]
[HKCU\Software\JavaSoft]
[HKCU\Software\Jouve]
[HKCU\Software\Key Metric Software]
[HKCU\Software\Lake]
[HKCU\Software\Lavalys]
[HKCU\Software\Lavasoft]
[HKCU\Software\LexmarkPhoto]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Log Viewer]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\MagicDisc]
[HKCU\Software\MagicISO]
[HKCU\Software\Magnet]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Microids]
[HKCU\Software\MimarSinan]
[HKCU\Software\Morpheus Software]
[HKCU\Software\Mozilla Backup]
[HKCU\Software\Mozilla]
[HKCU\Software\N64 Emulation]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nektra]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Noromaa Solutions]
[HKCU\Software\Nuance]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PC SOFT]
[HKCU\Software\Paint.NET]
[HKCU\Software\Paltalk]
[HKCU\Software\Perfect Software]
[HKCU\Software\Perfect Uninstaller]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Propellerhead Software]
[HKCU\Software\Quark]
[HKCU\Software\QuickPar]
[HKCU\Software\RayV]
[HKCU\Software\Realtek]
[HKCU\Software\Replay Video Capture]
[HKCU\Software\SUPERAntiSpyware.com]
[HKCU\Software\SWiSHzone.com]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\ScanSoft]
[HKCU\Software\SecuROM]
[HKCU\Software\SenBit]
[HKCU\Software\Skype]
[HKCU\Software\Smart Projects]
[HKCU\Software\SmartSound Software]
[HKCU\Software\Softonic]
[HKCU\Software\Sony Media Software]
[HKCU\Software\SubDownloader]
[HKCU\Software\SubSystems]
[HKCU\Software\Sysinternals]
[HKCU\Software\TechSmith]
[HKCU\Software\TuneUp]
[HKCU\Software\Ulead Systems]
[HKCU\Software\UniqueInternetServices]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\XPRepairPro4]
[HKCU\Software\Yahoo]
[HKCU\Software\Zeon]
[HKCU\Software\Zyrax Software]
[HKCU\Software\ej-technologies]
[HKCU\Software\iMacros]
[HKCU\Software\pth264]
[HKCU\Software\tvp]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ANI]
[HKLM\Software\Acronis]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Alpha Networks]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Applian]
[HKLM\Software\Avnex]
[HKLM\Software\Beyersdorf]
[HKLM\Software\Blissive Software]
[HKLM\Software\Borland]
[HKLM\Software\CDDB]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\ComodoGroup]
[HKLM\Software\Conduit]
[HKLM\Software\Converter]
[HKLM\Software\CyberLink]
[HKLM\Software\Cygwin]
[HKLM\Software\DebugMode]
[HKLM\Software\Debug]
[HKLM\Software\FreeDownloadManager.ORG]
[HKLM\Software\FullCircle]
[HKLM\Software\Google]
[HKLM\Software\HighCriteria]
[HKLM\Software\Hotspot_Shield]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\Iron Lore]
[HKLM\Software\JavaSoft]
[HKLM\Software\Jouve]
[HKLM\Software\JreMetrics]
[HKLM\Software\Kaydara]
[HKLM\Software\Khronos]
[HKLM\Software\L&H]
[HKLM\Software\Lake]
[HKLM\Software\LexmarkInkjet]
[HKLM\Software\Lexmark]
[HKLM\Software\Licenses]
[HKLM\Software\Logitech]
[HKLM\Software\MAXSOFT-OCRON]
[HKLM\Software\MC4D]
[HKLM\Software\MMTV]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MeuhMeuhTV]
[HKLM\Software\MimarSinan]
[HKLM\Software\Morpheus Software]
[HKLM\Software\Moyea]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PBSWProducts]
[HKLM\Software\Perfect Uninstaller]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Propellerhead Software]
[HKLM\Software\Quark]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Replay Video Capture]
[HKLM\Software\S3R521]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\ScanSoft]
[HKLM\Software\SenBit]
[HKLM\Software\Skype]
[HKLM\Software\SmartSound Software]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sony Media Software]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Swearware]
[HKLM\Software\TechSmith]
[HKLM\Software\Technitium]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\Ulead Systems]
[HKLM\Software\Unreal]
[HKLM\Software\VideoLAN]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yahoo]
[HKLM\Software\ZEON]
[HKLM\Software\cFos]
[HKLM\Software\ej-technologies]
[HKLM\Software\iTinySoft]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/01/2009 - 18:31:48 - [40014656] ----D- C:\Program Files\Acronis
O43 - CFD: 07/12/2007 - 16:54:20 - [12683094] ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 10/08/2011 - 14:07:30 - [2599541589] ----D- C:\Program Files\Adobe
O43 - CFD: 01/10/2009 - 15:44:44 - [932461] ----D- C:\Program Files\adslTV
O43 - CFD: 05/07/2009 - 11:43:40 - [13133503] ----D- C:\Program Files\Alcohol Soft
O43 - CFD: 17/07/2011 - 16:02:02 - [2221118] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 28/04/2009 - 13:21:00 - [0] ----D- C:\Program Files\Auslogics
O43 - CFD: 19/02/2009 - 01:43:28 - [0] ----D- C:\Program Files\Babylon
O43 - CFD: 04/08/2011 - 21:34:38 - [23357186] ----D- C:\Program Files\Binload
O43 - CFD: 11/06/2009 - 13:02:46 - [2417595] ----D- C:\Program Files\BrainWave Generator
O43 - CFD: 31/07/2011 - 13:35:30 - [4092512] ----D- C:\Program Files\CCleaner
O43 - CFD: 11/08/2011 - 10:50:08 - [7272866] ----D- C:\Program Files\cFosSpeed
O43 - CFD: 11/08/2011 - 09:25:16 - [1389557951] ----D- C:\Program Files\Common Files
O43 - CFD: 04/04/2010 - 10:18:34 - [513159023] ----D- C:\Program Files\COMODO
O43 - CFD: 02/08/2011 - 21:34:12 - [520728] ----D- C:\Program Files\Conduit
O43 - CFD: 31/07/2011 - 15:14:44 - [513229641] ----D- C:\Program Files\CyberLink
O43 - CFD: 15/04/2011 - 06:52:26 - [0] ----D- C:\Program Files\D-Link
O43 - CFD: 04/07/2011 - 08:00:28 - [9889635] ----D- C:\Program Files\DebugMode
O43 - CFD: 07/02/2010 - 19:29:46 - [694087] ----D- C:\Program Files\DivX Pro VFW
O43 - CFD: 07/02/2010 - 11:53:36 - [39465930] ----D- C:\Program Files\DVR-MS 2 MPEG2
O43 - CFD: 12/07/2011 - 00:53:44 - [34375700] ----D- C:\Program Files\EASEUS
O43 - CFD: 05/07/2011 - 04:19:28 - [3135] ----D- C:\Program Files\EasyPHP-5.3.2i
O43 - CFD: 01/07/2011 - 09:59:12 - [6027969222] ----D- C:\Program Files\Encyclopaedia Universalis 2011
O43 - CFD: 11/09/2008 - 15:33:34 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 01/10/2009 - 13:27:04 - [19056752] ----D- C:\Program Files\Free Download Manager
O43 - CFD: 15/03/2009 - 07:59:10 - [9497761] ----D- C:\Program Files\GameSpy Arcade
O43 - CFD: 28/01/2009 - 09:08:36 - [27815141] ----D- C:\Program Files\Google
O43 - CFD: 12/07/2011 - 22:33:26 - [2898974] ----D- C:\Program Files\HFSExplorer
O43 - CFD: 12/05/2009 - 01:26:06 - [8519146] ----D- C:\Program Files\HighCriteria
O43 - CFD: 04/01/2008 - 18:17:06 - [652221248] ----D- C:\Program Files\HomeCinema
O43 - CFD: 02/08/2011 - 21:34:16 - [7392902] ----D- C:\Program Files\Hotspot Shield
O43 - CFD: 02/08/2011 - 21:34:14 - [2549523] ----D- C:\Program Files\Hotspot_Shield
O43 - CFD: 17/05/2009 - 11:51:24 - [7161150] ----D- C:\Program Files\IDoser v4
O43 - CFD: 31/07/2011 - 15:15:14 - [34948594] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 23/09/2008 - 18:53:32 - [1824041] ----D- C:\Program Files\Intelore
O43 - CFD: 17/07/2011 - 11:38:26 - [6386003] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 03/07/2011 - 11:10:24 - [2277841] ----D- C:\Program Files\IRAssistant
O43 - CFD: 14/06/2011 - 06:34:16 - [90223182] ----D- C:\Program Files\Java
O43 - CFD: 10/06/2011 - 00:26:24 - [0] ----D- C:\Program Files\JRE
O43 - CFD: 01/07/2011 - 10:41:40 - [24247317] ----D- C:\Program Files\Key Metric Software
O43 - CFD: 23/06/2011 - 16:21:56 - [78969695] ----D- C:\Program Files\Lexmark 1200 Series
O43 - CFD: 11/07/2009 - 07:28:22 - [77598309] ----D- C:\Program Files\LimeWire
O43 - CFD: 28/09/2008 - 15:51:18 - [937576] ----D- C:\Program Files\MagicDisc
O43 - CFD: 28/09/2008 - 18:09:00 - [3137968] ----D- C:\Program Files\MagicISO
O43 - CFD: 17/06/2011 - 21:51:56 - [21232200] ----D- C:\Program Files\MahJong Suite
O43 - CFD: 16/07/2011 - 15:15:34 - [7065135] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 30/07/2011 - 14:05:58 - [94696188] ----D- C:\Program Files\MediaCoder
O43 - CFD: 30/09/2008 - 09:44:40 - [19891430] ----D- C:\Program Files\Mediafour
O43 - CFD: 23/01/2010 - 19:14:02 - [8204356] ----D- C:\Program Files\MeuhMeuhTV Alpha
O43 - CFD: 20/07/2009 - 12:28:34 - [2502737873] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 23/03/2010 - 09:04:02 - [405352788] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 27/05/2009 - 02:23:10 - [2694269] ----D- C:\Program Files\Microsoft Reader
O43 - CFD: 18/10/2008 - 04:54:58 - [11794332] ----D- C:\Program Files\Microsoft SDKs
O43 - CFD: 08/05/2011 - 15:27:28 - [39414723] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 18/10/2008 - 05:08:36 - [233117447] ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD: 18/10/2008 - 04:59:20 - [4475556] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 18/10/2008 - 04:59:20 - [616125] ----D- C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 18/10/2008 - 05:00:08 - [813853404] ----D- C:\Program Files\Microsoft Visual Studio 9.0
O43 - CFD: 07/12/2007 - 16:59:42 - [144949414] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 15/04/2011 - 13:15:42 - [9739013] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 21/09/2008 - 19:57:00 - [136492044] ----D- C:\Program Files\Mindscape
O43 - CFD: 31/05/2009 - 19:00:50 - [12098261] ----D- C:\Program Files\Morpheus Photo Animation Suite
O43 - CFD: 15/04/2011 - 08:09:38 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 23/06/2011 - 10:26:52 - [39393903] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 09/09/2009 - 19:20:34 - [26612349] ----D- C:\Program Files\Mozilla Thunderbird
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 17/07/2011 - 08:38:28 - [0] ----D- C:\Program Files\MSECACHE
O43 - CFD: 17/12/2007 - 17:47:42 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 28/05/2009 - 20:03:00 - [60791135] ----D- C:\Program Files\Natura Sound Therapy
O43 - CFD: 26/07/2009 - 14:35:54 - [503998234] ----D- C:\Program Files\Nero
O43 - CFD: 28/09/2008 - 13:11:48 - [0] ----D- C:\Program Files\NetConceal
O43 - CFD: 10/07/2011 - 19:33:52 - [524761037] ----D- C:\Program Files\Nuance
O43 - CFD: 08/05/2011 - 11:09:50 - [806371196] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 10/06/2011 - 00:30:38 - [423181738] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 03/02/2010 - 21:05:46 - [21080073] ----D- C:\Program Files\Paltalk Messenger
O43 - CFD: 07/07/2009 - 19:45:12 - [13439408] ----D- C:\Program Files\Perfect Uninstaller
O43 - CFD: 26/10/2008 - 18:39:04 - [2467294] ----D- C:\Program Files\PROnetworks
O43 - CFD: 10/06/2009 - 10:36:00 - [1499468173] ----D- C:\Program Files\Propellerhead
O43 - CFD: 18/02/2010 - 18:11:34 - [2390068] ----D- C:\Program Files\ProxyFirewall
O43 - CFD: 30/07/2011 - 19:14:54 - [48071107] ----D- C:\Program Files\QuickMediaConverter
O43 - CFD: 27/07/2011 - 21:28:22 - [941108] ----D- C:\Program Files\QuickPar
O43 - CFD: 17/07/2011 - 16:06:00 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 07/12/2007 - 15:17:42 - [16359636] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [60923158] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 27/05/2010 - 09:33:40 - [1773056] ----D- C:\Program Files\RegCleaner
O43 - CFD: 11/08/2011 - 07:46:54 - [435556628] ----D- C:\Program Files\RegTweaker
O43 - CFD: 23/07/2011 - 23:27:28 - [25567923] ----D- C:\Program Files\Replay Video Capture
O43 - CFD: 10/05/2009 - 13:59:16 - [2367370] ----D- C:\Program Files\Sandboxie
O43 - CFD: 01/12/2009 - 14:25:10 - [10451377] ----D- C:\Program Files\Smart Projects
O43 - CFD: 30/07/2011 - 23:31:32 - [22354572] ----D- C:\Program Files\SmartSound Software
O43 - CFD: 28/05/2009 - 13:42:56 - [140056594] ----D- C:\Program Files\Sony
O43 - CFD: 29/11/2009 - 17:46:26 - [82517518] ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 13/06/2011 - 07:46:06 - [5595691] ----D- C:\Program Files\StreamTransport
O43 - CFD: 23/08/2009 - 10:00:38 - [30000440] ----D- C:\Program Files\SubDownloader2
O43 - CFD: 20/01/2011 - 18:40:42 - [17503545] ----D- C:\Program Files\Super macro
O43 - CFD: 21/09/2009 - 08:20:28 - [22828817] ----D- C:\Program Files\SUPERAntiSpyware
O43 - CFD: 09/05/2011 - 12:42:32 - [396401] ----D- C:\Program Files\SystemRequirementsLab
O43 - CFD: 29/09/2009 - 22:39:18 - [2059346] ----D- C:\Program Files\Technitium
O43 - CFD: 05/07/2009 - 15:03:26 - [61878111] ----D- C:\Program Files\TechSmith
O43 - CFD: 13/12/2008 - 18:06:40 - [27495818] ----D- C:\Program Files\Total Video Converter
O43 - CFD: 08/08/2011 - 06:30:22 - [801475] ----D- C:\Program Files\trend micro
O43 - CFD: 13/07/2011 - 21:20:28 - [11055] ----D- C:\Program Files\Trojan Remover
O43 - CFD: 06/08/2009 - 07:58:28 - [42463405] ----D- C:\Program Files\TuneUp Utilities 2009
O43 - CFD: 07/12/2007 - 16:10:18 - [390235965] ----D- C:\Program Files\Ulead Systems
O43 - CFD: 30/06/2009 - 08:53:18 - [53248] ----D- C:\Program Files\UltraISO
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 16/09/2008 - 12:07:56 - [270128] ----D- C:\Program Files\uTorrent
O43 - CFD: 14/09/2008 - 13:45:36 - [91167406] ----D- C:\Program Files\VideoLAN
O43 - CFD: 28/05/2009 - 13:41:34 - [247] ----D- C:\Program Files\Vstplugins
O43 - CFD: 05/05/2009 - 05:27:24 - [858084] ----D- C:\Program Files\Western Digital Technologies
O43 - CFD: 27/05/2009 - 20:27:28 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 27/05/2009 - 20:27:22 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 27/05/2009 - 20:27:06 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 17/07/2011 - 08:35:04 - [142742] ----D- C:\Program Files\Windows Installer Clean Up
O43 - CFD: 27/05/2009 - 20:27:22 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 15/06/2011 - 08:35:16 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 15/04/2011 - 08:09:46 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 11/09/2008 - 15:33:34 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 27/05/2009 - 20:27:16 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 27/05/2009 - 20:27:22 - [6527558] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 01/08/2011 - 11:28:30 - [3656864] ----D- C:\Program Files\WinRar
O43 - CFD: 22/01/2009 - 16:15:36 - [73026611] ----D- C:\Program Files\WorldOfGoo
O43 - CFD: 07/12/2007 - 15:32:14 - [18211] ----D- C:\Program Files\X10 Hardware
O43 - CFD: 09/07/2011 - 20:02:34 - [11894039] ----D- C:\Program Files\XP Repair Pro 4.0
O43 - CFD: 01/05/2010 - 18:11:48 - [770235] ----D- C:\Program Files\Xvid
O43 - CFD: 02/05/2009 - 12:07:36 - [25269443] ----D- C:\Program Files\Yahoo!
O43 - CFD: 11/08/2011 - 06:47:12 - [105755527] ----D- C:\Program Files\ZebHelpProcess
O43 - CFD: 01/07/2011 - 10:54:26 - [2562] --H-D- C:\Program Files\Zero G Registry
O43 - CFD: 11/08/2011 - 10:54:56 - [3999742] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 13/01/2009 - 18:31:54 - [110232435] ----D- C:\Program Files\Common Files\Acronis
O43 - CFD: 18/07/2011 - 13:43:44 - [384772482] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 17/07/2011 - 16:02:26 - [54774793] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 08/08/2011 - 18:30:48 - [7675827] ----D- C:\Program Files\Common Files\Borland Shared
O43 - CFD: 07/12/2007 - 16:38:50 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 16/04/2009 - 16:17:40 - [17572458] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 12/06/2011 - 08:44:14 - [1258951] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 27/05/2009 - 02:24:10 - [2393173] ----D- C:\Program Files\Common Files\L&H
O43 - CFD: 23/07/2011 - 09:10:08 - [751228] ----D- C:\Program Files\Common Files\Logitech
O43 - CFD: 27/05/2009 - 02:24:10 - [514438994] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 26/07/2009 - 14:39:20 - [196915582] ----D- C:\Program Files\Common Files\Nero
O43 - CFD: 28/05/2009 - 10:36:28 - [0] ----D- C:\Program Files\Common Files\Screaming Bee
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 12/06/2011 - 09:16:16 - [2254216] ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 27/05/2009 - 20:27:16 - [43753230] ----D- C:\Program Files\Common Files\System
O43 - CFD: 07/12/2007 - 16:10:18 - [3070792] ----D- C:\Program Files\Common Files\Ulead Systems
O43 - CFD: 30/01/2009 - 13:56:04 - [5681152] ----D- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 07/12/2007 - 15:31:50 - [2749689] ----D- C:\Program Files\Common Files\X10
O43 - CFD: 26/10/2008 - 03:34:02 - [6608] ----D- C:\ProgramData\2DBoy
O43 - CFD: 13/01/2009 - 18:37:48 - [36553] ----D- C:\ProgramData\Acronis
O43 - CFD: 18/07/2011 - 07:17:42 - [536174327] ----D- C:\ProgramData\Adobe
O43 - CFD: 17/07/2011 - 16:02:02 - [20614656] ----D- C:\ProgramData\Apple
O43 - CFD: 17/07/2011 - 16:05:52 - [26906557] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 11/09/2008 - 15:33:32 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 21/05/2011 - 17:48:26 - [20771855] ----D- C:\ProgramData\COMODO
O43 - CFD: 04/04/2010 - 10:23:16 - [0] ----D- C:\ProgramData\Comodo Downloader
O43 - CFD: 31/07/2011 - 07:03:20 - [55391] ----D- C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 30/07/2011 - 23:31:32 - [360580] ----D- C:\ProgramData\eSellerate
O43 - CFD: 11/09/2008 - 15:33:32 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 10/07/2011 - 19:31:48 - [3552836] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 01/10/2009 - 13:26:56 - [2796] ----D- C:\ProgramData\FreeDownloadManager.ORG
O43 - CFD: 16/09/2008 - 11:20:28 - [14402] ----D- C:\ProgramData\Google
O43 - CFD: 25/03/2009 - 21:00:22 - [14476] ----D- C:\ProgramData\Google Updater
O43 - CFD: 02/08/2011 - 21:43:12 - [0] ----D- C:\ProgramData\hssff
O43 - CFD: 07/12/2007 - 16:11:52 - [148] ----D- C:\ProgramData\InstallShield
O43 - CFD: 01/07/2011 - 10:59:48 - [124] ----D- C:\ProgramData\Key Metric Software
O43 - CFD: 10/07/2011 - 19:33:52 - [3552851] ----D- C:\ProgramData\Macrovision
O43 - CFD: 27/07/2009 - 08:26:02 - [16667929] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 30/09/2008 - 09:45:44 - [3120] ----D- C:\ProgramData\Mediafour
O43 - CFD: 11/09/2008 - 15:33:32 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 17/03/2009 - 14:17:48 - [11499] ----D- C:\ProgramData\Micro Application
O43 - CFD: 08/05/2011 - 11:39:32 - [520541668] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 15/12/2009 - 17:14:24 - [64118606] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 11/09/2008 - 15:33:34 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 26/07/2009 - 14:27:44 - [10019027] ----D- C:\ProgramData\Nero
O43 - CFD: 27/05/2010 - 10:12:24 - [64869] ----D- C:\ProgramData\Neuro-Programmer 2 Files
O43 - CFD: 10/07/2011 - 19:34:52 - [106] ----D- C:\ProgramData\Nuance
O43 - CFD: 11/08/2011 - 09:51:06 - [2410494] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 08/05/2011 - 09:56:04 - [608137] ----D- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 10/06/2009 - 10:36:32 - [3401039] ----D- C:\ProgramData\Propellerhead Software
O43 - CFD: 17/07/2011 - 11:44:38 - [14598520] ----D- C:\ProgramData\Quark
O43 - CFD: 18/07/2011 - 14:16:48 - [3420] ----D- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 10/07/2011 - 19:33:06 - [157501] ----D- C:\ProgramData\ScanSoft
O43 - CFD: 28/05/2009 - 10:35:36 - [142] ----D- C:\ProgramData\Screaming Bee
O43 - CFD: 12/06/2011 - 09:16:12 - [20366348] ----D- C:\ProgramData\Skype
O43 - CFD: 12/06/2011 - 12:51:46 - [2818489] ----D- C:\ProgramData\Skype Extras
O43 - CFD: 01/08/2011 - 00:06:36 - [57286093] ----D- C:\ProgramData\SmartSound Software Inc
O43 - CFD: 08/08/2011 - 17:59:46 - [7437831] ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 08/04/2010 - 09:55:14 - [189] ----D- C:\ProgramData\Sun
O43 - CFD: 08/01/2009 - 09:03:14 - [692] ----D- C:\ProgramData\Sunbelt
O43 - CFD: 30/01/2009 - 13:56:58 - [0] ----D- C:\ProgramData\SUPERAntiSpyware.com
O43 - CFD: 05/07/2009 - 15:03:32 - [75993116] ----D- C:\ProgramData\TechSmith
O43 - CFD: 04/08/2011 - 20:06:28 - [438136] ---AD- C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 22/01/2009 - 07:57:12 - [6322] ----D- C:\ProgramData\TreeCardGames
O43 - CFD: 29/04/2009 - 04:38:30 - [1645281] ----D- C:\ProgramData\TuneUp Software
O43 - CFD: 07/12/2007 - 16:10:32 - [93242] ----D- C:\ProgramData\Ulead Systems
O43 - CFD: 01/07/2011 - 10:02:26 - [6960] ----D- C:\ProgramData\UniversalisV16
O43 - CFD: 17/12/2007 - 18:22:46 - [2492] ----D- C:\ProgramData\Windows Genuine Advantage
O43 - CFD: 30/05/2009 - 08:26:04 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 03/07/2011 - 00:45:06 - [411625] ----D- C:\ProgramData\X10 Settings
O43 - CFD: 02/05/2009 - 12:31:00 - [609043] ----D- C:\ProgramData\Yahoo!
O43 - CFD: 10/07/2011 - 19:34:22 - [52073] ----D- C:\ProgramData\zeon
O43 - CFD: 20/02/2009 - 18:24:24 - [0] ----D- C:\ProgramData\_comodo_
O43 - CFD: 07/12/2007 - 16:54:24 - [6904816] ----D- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
O43 - CFD: 29/04/2009 - 04:36:20 - [16657408] -SH-D- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
O43 - CFD: 16/01/2009 - 22:31:14 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Acronis
O43 - CFD: 29/07/2011 - 09:22:12 - [21183407] ----D- C:\Users\Patouche\AppData\Roaming\Adobe
O43 - CFD: 17/07/2011 - 15:01:24 - [355] ----D- C:\Users\Patouche\AppData\Roaming\Adobe Mini Bridge CS5.1
O43 - CFD: 17/07/2011 - 11:54:56 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Apple Computer
O43 - CFD: 24/06/2011 - 20:07:24 - [21644] ----D- C:\Users\Patouche\AppData\Roaming\Broad Intelligence
O43 - CFD: 17/07/2011 - 15:24:42 - [28938] ----D- C:\Users\Patouche\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O43 - CFD: 17/07/2011 - 15:23:28 - [0] ----D- C:\Users\Patouche\AppData\Roaming\com.adobe.DC3Module.AdobeADC
O43 - CFD: 31/07/2011 - 18:52:32 - [21398157] ----D- C:\Users\Patouche\AppData\Roaming\CyberLink
O43 - CFD: 06/04/2011 - 08:00:34 - [199] ----D- C:\Users\Patouche\AppData\Roaming\dvdcss
O43 - CFD: 10/07/2011 - 19:37:12 - [139] ----D- C:\Users\Patouche\AppData\Roaming\FLEXnet
O43 - CFD: 06/01/2010 - 16:08:24 - [0] ----D- C:\Users\Patouche\AppData\Roaming\FMZilla
O43 - CFD: 10/08/2011 - 09:04:02 - [1071] ----D- C:\Users\Patouche\AppData\Roaming\Free Download Manager
O43 - CFD: 28/01/2009 - 09:21:44 - [33225] ----D- C:\Users\Patouche\AppData\Roaming\Google
O43 - CFD: 10/06/2009 - 08:40:30 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Help
O43 - CFD: 22/07/2011 - 10:12:46 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Hensense.com
O43 - CFD: 11/09/2008 - 15:59:48 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Identities
O43 - CFD: 01/07/2011 - 10:40:46 - [916719] ----D- C:\Users\Patouche\AppData\Roaming\Key Metric Software
O43 - CFD: 13/09/2008 - 23:31:48 - [928128] ----D- C:\Users\Patouche\AppData\Roaming\Lavasoft
O43 - CFD: 03/07/2011 - 21:53:14 - [24490118] ----D- C:\Users\Patouche\AppData\Roaming\LimeWire
O43 - CFD: 13/09/2008 - 10:54:54 - [3123823] ----D- C:\Users\Patouche\AppData\Roaming\Macromedia
O43 - CFD: 18/04/2010 - 17:05:36 - [121928] ----D- C:\Users\Patouche\AppData\Roaming\MahJong Suite
O43 - CFD: 27/07/2009 - 08:26:16 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Media Center Programs
O43 - CFD: 20/07/2009 - 14:44:22 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Media Player Classic
O43 - CFD: 22/01/2010 - 20:08:20 - [16393] ----D- C:\Users\Patouche\AppData\Roaming\MeuhMeuhTV
O43 - CFD: 18/06/2011 - 08:14:46 - [8537998] -S--D- C:\Users\Patouche\AppData\Roaming\Microsoft
O43 - CFD: 31/05/2009 - 19:01:04 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Morpheus Software
O43 - CFD: 19/07/2011 - 23:15:40 - [35867014] ----D- C:\Users\Patouche\AppData\Roaming\Mozilla
O43 - CFD: 04/08/2009 - 17:17:34 - [1070907] ----D- C:\Users\Patouche\AppData\Roaming\Nero
O43 - CFD: 10/07/2011 - 19:33:18 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Nuance
O43 - CFD: 13/10/2008 - 22:02:56 - [37783079] ----D- C:\Users\Patouche\AppData\Roaming\OpenOffice.org
O43 - CFD: 04/01/2010 - 12:45:32 - [51403] ----D- C:\Users\Patouche\AppData\Roaming\Paltalk
O43 - CFD: 08/11/2009 - 01:54:28 - [0] ----D- C:\Users\Patouche\AppData\Roaming\PeerNetworking
O43 - CFD: 10/06/2009 - 10:38:34 - [14912] ----D- C:\Users\Patouche\AppData\Roaming\Propellerhead Software
O43 - CFD: 28/05/2009 - 14:10:28 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Publish Providers
O43 - CFD: 17/07/2011 - 11:48:44 - [41208] ----D- C:\Users\Patouche\AppData\Roaming\Quark
O43 - CFD: 30/09/2008 - 02:27:30 - [0] ----D- C:\Users\Patouche\AppData\Roaming\RayV
O43 - CFD: 10/07/2011 - 22:39:12 - [1415789] ----D- C:\Users\Patouche\AppData\Roaming\ScanSoft
O43 - CFD: 28/05/2009 - 12:06:20 - [22958] ----D- C:\Users\Patouche\AppData\Roaming\Screaming Bee
O43 - CFD: 12/06/2011 - 13:31:02 - [2110241] ----D- C:\Users\Patouche\AppData\Roaming\Skype
O43 - CFD: 12/06/2011 - 09:16:34 - [87728] ----D- C:\Users\Patouche\AppData\Roaming\skypePM
O43 - CFD: 28/05/2009 - 13:43:52 - [0] ----D- C:\Users\Patouche\AppData\Roaming\Sony
O43 - CFD: 17/07/2011 - 15:01:24 - [0] ----D- C:\Users\Patouche\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 30/01/2009 - 13:56:44 - [37771821] ----D- C:\Users\Patouche\AppData\Roaming\SUPERAntiSpyware.com
O43 - CFD: 09/05/2011 - 12:43:10 - [1163264] ----D- C:\Users\Patouche\AppData\Roaming\SystemRequirementsLab
O43 - CFD: 12/09/2008 - 10:27:26 - [22588] ----D- C:\Users\Patouche\AppData\Roaming\Talkback
O43 - CFD: 01/10/2008 - 13:13:36 - [13824] ----D- C:\Users\Patouche\AppData\Roaming\Template
O43 - CFD: 12/09/2008 - 10:27:06 - [393040712] ----D- C:\Users\Patouche\AppData\Roaming\Thunderbird
O43 - CFD: 12/05/2009 - 01:13:10 - [34748] ----D- C:\Users\Patouche\AppData\Roaming\TotalRecorder
O43 - CFD: 29/04/2009 - 04:38:48 - [49808] ----D- C:\Users\Patouche\AppData\Roaming\TuneUp Software
O43 - CFD: 25/01/2009 - 23:49:28 - [14703405] ----D- C:\Users\Patouche\AppData\Roaming\Ulead Systems
O43 - CFD: 03/08/2011 - 12:54:48 - [35194324] ----D- C:\Users\Patouche\AppData\Roaming\uTorrent
O43 - CFD: 19/12/2009 - 23:28:16 - [340801] ----D- C:\Users\Patouche\AppData\Roaming\VitySoft
O43 - CFD: 29/07/2011 - 19:36:48 - [80761] ----D- C:\Users\Patouche\AppData\Roaming\vlc
O43 - CFD: 14/09/2008 - 13:29:46 - [0] ----D- C:\Users\Patouche\AppData\Roaming\WinRAR
O43 - CFD: 25/01/2009 - 06:55:54 - [13904] ----D- C:\Users\Patouche\AppData\Roaming\WNR
O43 - CFD: 10/07/2011 - 19:37:02 - [54962] ----D- C:\Users\Patouche\AppData\Roaming\Zeon
O43 - CFD: 19/07/2011 - 08:14:20 - [35610453] ----D- C:\Users\Patouche\AppData\Local\Adobe
O43 - CFD: 12/09/2008 - 19:28:32 - [190265] ----D- C:\Users\Patouche\AppData\Local\Ahead
O43 - CFD: 17/07/2011 - 16:02:06 - [0] ----D- C:\Users\Patouche\AppData\Local\Apple
O43 - CFD: 17/07/2011 - 15:30:06 - [0] ----D- C:\Users\Patouche\AppData\Local\Apple Computer
O43 - CFD: 11/09/2008 - 15:59:40 - [0] -SH-D- C:\Users\Patouche\AppData\Local\Application Data
O43 - CFD: 16/02/2010 - 07:28:16 - [0] ----D- C:\Users\Patouche\AppData\Local\Apps
O43 - CFD: 23/01/2009 - 13:26:42 - [12697] ----D- C:\Users\Patouche\AppData\Local\COMODO
O43 - CFD: 28/01/2009 - 09:21:44 - [30687] ----D- C:\Users\Patouche\AppData\Local\Google
O43 - CFD: 10/12/2010 - 07:35:34 - [133356] ----D- C:\Users\Patouche\AppData\Local\Help
O43 - CFD: 11/09/2008 - 15:59:40 - [0] -SH-D- C:\Users\Patouche\AppData\Local\Historique
O43 - CFD: 05/10/2008 - 00:53:40 - [8139] ----D- C:\Users\Patouche\AppData\Local\MakeDisc
O43 - CFD: 18/06/2011 - 08:14:46 - [199411751] ----D- C:\Users\Patouche\AppData\Local\Microsoft
O43 - CFD: 27/02/2009 - 19:41:22 - [1099882] ----D- C:\Users\Patouche\AppData\Local\Microsoft Games
O43 - CFD: 18/10/2008 - 05:37:30 - [120944] ----D- C:\Users\Patouche\AppData\Local\Microsoft Help
O43 - CFD: 06/01/2009 - 13:41:50 - [263191] ----D- C:\Users\Patouche\AppData\Local\MigWiz
O43 - CFD: 11/09/2008 - 18:08:04 - [43275352] ----D- C:\Users\Patouche\AppData\Local\Mozilla
O43 - CFD: 09/10/2008 - 02:22:06 - [68340] ----D- C:\Users\Patouche\AppData\Local\Nero
O43 - CFD: 05/10/2008 - 00:53:28 - [0] ----D- C:\Users\Patouche\AppData\Local\PowerCinema
O43 - CFD: 17/07/2011 - 11:51:50 - [860359] ----D- C:\Users\Patouche\AppData\Local\Quark
O43 - CFD: 04/08/2011 - 07:31:26 - [750583] ----D- C:\Users\Patouche\AppData\Local\QuickPar
O43 - CFD: 28/05/2009 - 13:43:52 - [37220] ----D- C:\Users\Patouche\AppData\Local\Sony
O43 - CFD: 05/07/2009 - 15:03:26 - [5138216] ----D- C:\Users\Patouche\AppData\Local\TechSmith
O43 - CFD: 11/08/2011 - 10:53:12 - [40960] ----D- C:\Users\Patouche\AppData\Local\temp
O43 - CFD: 11/09/2008 - 15:59:40 - [0] -SH-D- C:\Users\Patouche\AppData\Local\Temporary Internet Files
O43 - CFD: 12/09/2008 - 10:27:18 - [3771268] ----D- C:\Users\Patouche\AppData\Local\Thunderbird
O43 - CFD: 12/09/2008 - 19:31:02 - [91305987] ----D- C:\Users\Patouche\AppData\Local\VirtualStore
O43 - CFD: 27/04/2010 - 20:34:48 - [11647155] ----D- C:\Users\Patouche\AppData\Local\Xenocode
O43 - CFD: 02/05/2009 - 12:31:00 - [128032] ----D- C:\Users\Patouche\AppData\Local\Yahoo
O43 - CFD: 09/07/2011 - 20:01:38 - [5998080] ----D- C:\Users\Patouche\AppData\Local\{42FFD6CD-1797-4302-8C84-959BECBCDA13}
O43 - CFD: 17/07/2011 - 11:44:38 - [755033914] ----D- C:\Program Files (x86)\Quark
~ Scan Program Folder in 00mn 43s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.5FDEDB92A83621A5B593B0FFF0522D92] - 11/08/2011 - 09:39:36 ---A- . (...) -- C:\PDOXUSRS.NET [13030]
O44 - LFC:[MD5.E8B2C85E0E26DCA5D644B671F4D21634] - 11/08/2011 - 09:25:15 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.CED80FB9F77B6FE28858BEA9347E689A] - 11/08/2011 - 08:50:51 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.76424DA08A5B6AD8E08A5D9BAD8B5291] - 11/08/2011 - 08:31:26 ---A- . (...) -- C:\ComboFix.txt [21263]
O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 11/08/2011 - 08:28:35 ---A- . (...) -- C:\Windows\system.ini [215]
O44 - LFC:[MD5.10A4CBFA036A7BFCD603FD774B50A69D] - 11/08/2011 - 07:42:27 ---A- . (...) -- C:\lxcz.log [1137088]
O44 - LFC:[MD5.9D05BB1B285D289A3453FA5C8F7340DC] - 11/08/2011 - 04:44:20 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1627304]
O44 - LFC:[MD5.89884003BC4879291A972EFA69E1CD30] - 11/08/2011 - 04:44:20 ---A- . (...) -- C:\Windows\system32\perfc009.dat [119570]
O44 - LFC:[MD5.66F0A617AFB68B1BDC082CB27B17B940] - 11/08/2011 - 04:44:20 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [147302]
O44 - LFC:[MD5.2A3D1614965594AFE2D204981E3AF83B] - 11/08/2011 - 04:44:20 ---A- . (...) -- C:\Windows\system32\perfh009.dat [638364]
O44 - LFC:[MD5.D475EF68B9404CD92E26991789757C2B] - 11/08/2011 - 04:44:20 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [728918]
O44 - LFC:[MD5.C8E7DBBC71D034CB62EA877E28FEB8BC] - 08/08/2011 - 20:47:54 ---A- . (...) -- C:\ZHPRegY2.zhp [1668]
O44 - LFC:[MD5.D4C4C0D78AB3F120855BD292FC309DC5] - 08/08/2011 - 20:47:50 ---A- . (...) -- C:\ZHPRegY1.zhp [1668]
O44 - LFC:[MD5.29485D501812B9CB0BD0DD414EAFE3F0] - 08/08/2011 - 20:47:46 ---A- . (...) -- C:\ZHPRegY0.zhp [1668]
O44 - LFC:[MD5.753BC16326FEE4A421ACB636CCD602F4] - 08/08/2011 - 06:34:36 ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [60416]
O44 - LFC:[MD5.A46842C9B0C567A5A9584E83A163560C] - 08/08/2011 - 06:34:35 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [518144]
O44 - LFC:[MD5.0297C72529807322B152F517FDB0A9FC] - 08/08/2011 - 06:34:35 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [406528]
O44 - LFC:[MD5.254FB16160D9FA5385F4B5CF47B9C7DF] - 08/08/2011 - 06:29:57 R---- . (.Swearware - ComboFix NSIS Installer.) -- C:\ComboFix.exe [4165965]
O44 - LFC:[MD5.CAC8625BD5BF14440B52FA9F1184BDF5] - 03/08/2011 - 10:23:21 ---A- . (...) -- C:\Windows\Sandboxie.ini [5528]
O44 - LFC:[MD5.FFC3D6AE9084F75EC0600305F06B1CFB] - 01/08/2011 - 07:35:55 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [3751616]
O44 - LFC:[MD5.F80B2B68002ADB19673B086DA1EEDD4F] - 17/07/2011 - 10:38:04 ---A- . (...) -- C:\Windows\QTFont.for [1409]
O44 - LFC:[MD5.DBA91CD5A3A68302967C03213E52BDE8] - 17/07/2011 - 10:38:04 --HA- . (...) -- C:\Windows\QTFont.qfn [54156]
O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 26/06/2011 - 07:45:56 ---A- . (...) -- C:\Windows\PEV.exe [256000]
O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 07/11/2010 - 18:20:24 ---A- . (...) -- C:\Windows\MBR.exe [208896]
O44 - LFC:[MD5.8C25E347F5E2C2BCA9B5258A68B72AE7] - 20/01/1999 - 04:01:00 ---A- . (...) -- C:\Windows\system32\DBCLIENT.DLL [210032]
O44 - LFC:[MD5.4BC02BD73338C3A26265F5C64DBEC770] - 12/11/1999 - 04:11:00 ---A- . (...) -- C:\Windows\system32\BDEADMIN.CPL [183808]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\grep.exe [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\sed.exe [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31/08/2000 - 01:00:00 ---A- . (...) -- C:\Windows\zip.exe [68096]
~ Scan Files in 00mn 06s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Labtec Inc. - Video Codec.) -- C:\Windows\system32\lvcodec2.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll
O52 - TDSD: \Drivers32\"wave"="DrvTrNTm.dll" . (.High Criteria inc. - Wave sound driver for the Total Recorder (Professional Edition).) -- C:\Windows\system32\DrvTrNTm.dll
O52 - TDSD: \Drivers32\"mixer"="DrvTrNTm.dll" . (.High Criteria inc. - Wave sound driver for the Total Recorder (Professional Edition).) -- C:\Windows\system32\DrvTrNTm.dll
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll
O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\system32\divx.dll
O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\system32\l3codecp.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"DrvTrNTm.dll"="Wave sound driver for the TotalRecorder" . (.High Criteria inc. - Wave sound driver for the Total Recorder (Professional Edition).) -- C:\Windows\system32\DrvTrNTm.dll
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\system32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"divx.dll"="DivX Pro 6.8.0" . (...) -- (.not file.)
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Acrobat Assistant 8.0 [Key] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Acrobat Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\PDF5 Registry Controller [Key] . (.Nuance Communications, Inc. - PDF Converter Registry Controller.) -- C:\Program Files\Nuance\PDF Create 5\RegistryController.exe
O53 - SMSR:HKLM\...\startupreg\PDFHook [Key] . (.Nuance Communications, Inc. - PdfCreateHook Application.) -- C:\Program Files\Nuance\PDF Create 5\pdfcreate5hook.exe
~ Scan SMSR Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoBandCustomize"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.651C54AC4EC5C5397C5AFF5D575CA45B] - 30/01/2011 - 08:17:08 ---A- . (.NXP Semiconductors Germany GmbH - 3xHybrid.) -- C:\Windows\system32\drivers\3xHybrid.sys [1302368]
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 30/01/2011 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 30/01/2011 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 30/01/2011 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 30/01/2011 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]
O58 - SDL:[MD5.496EDA16A127AC9A38BB285BEF17DBB5] - 07/08/2011 - 15:45:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17592]
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 30/01/2011 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 30/01/2011 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 30/01/2011 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 30/01/2011 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 30/01/2011 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 30/01/2011 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 30/01/2011 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 30/01/2011 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.B1C737DBFDF2A2F1583D7A1F487390BB] - 30/06/2011 - 17:07:40 ---A- . (.cFos Software GmbH - cFosSpeed Driver.) -- C:\Windows\system32\drivers\cfosspeed.sys [974040]
O58 - SDL:[MD5.DE82681C08EB3840913ED0338CBEE0BA] - 30/01/2011 - 09:37:53 ---A- . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\Windows\system32\drivers\cmderd.sys [19088]
O58 - SDL:[MD5.BBE32E04E88B0048EC16F1D6C8936C4B] - 30/01/2011 - 09:37:54 ---A- . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\Windows\system32\drivers\cmdGuard.sys [238960]
O58 - SDL:[MD5.497590EA7A94B98EA7A4516EBF0FB8D2] - 30/01/2011 - 09:37:55 ---A- . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\Windows\system32\drivers\cmdhlp.sys [36568]
O58 - SDL:[MD5.59172A0724F2AB769F31D61B0571D75B] - 30/01/2011 - 15:45:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19128]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 30/01/2011 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.0AB8D9D7C5AC81FC736D7C208F737570] - 21/06/2011 - 09:18:02 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\Windows\system32\drivers\Dr71WU.sys [489984]
O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 30/01/2011 - 08:30:54 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760]
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 30/01/2011 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520]
O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 30/01/2011 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480]
O58 - SDL:[MD5.4F28652EC514FA1BA473BC1A695A5C98] - 02/08/2011 - 00:40:12 ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\system32\drivers\HssDrv.sys [37376]
O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 30/01/2011 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 30/01/2011 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.1C65E930ABA113F2CE59D32C7D8BC03F] - 30/01/2011 - 09:37:56 ---A- . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\Windows\system32\drivers\inspect.sys [82400]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 30/01/2011 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 30/01/2011 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 30/01/2011 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640]
O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 30/01/2011 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640]
O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 30/01/2011 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640]
O58 - SDL:[MD5.03E86718BB5AA2716C7349A854FF6203] - 30/01/2011 - 11:14:38 ---A- . (.Labtec Inc. - Logitech Elch 2 Video Driver.) -- C:\Windows\system32\drivers\LV561AV.SYS [211712]
O58 - SDL:[MD5.C7FCB579956B7FDE002E6E9DE36728D3] - 30/01/2011 - 11:11:16 ---A- . (.Labtec Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBSta.sys [22016]
O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 30/01/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22712]
O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 16/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [41272]
O58 - SDL:[MD5.AF61A1C34E2D3F7543F9CCFC323170B8] - 30/01/2011 - 16:19:28 ---A- . (.MagicISO, Inc. - MagicISO SCSI Host Controller.) -- C:\Windows\system32\drivers\mcdbus.sys [116736]
O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 30/01/2011 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 30/01/2011 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.9BA2F93E4F01EC58E722B36639E0CE5D] - 30/01/2011 - 10:38:22 ---A- . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\system32\drivers\netr28u.sys [554496]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 30/01/2011 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 30/01/2011 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.96C27791D5AE5C77E37C61B15112E38D] - 08/05/2011 - 16:59:19 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda32v.sys [139368]
O58 - SDL:[MD5.847B1755F7757F825305A1FFE6DAC3E9] - 21/05/2011 - 05:01:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 275.33.) -- C:\Windows\system32\drivers\nvlddmkm.sys [10589800]
O58 - SDL:[MD5.D668632606D1CEBF0B6EC64C1DF7ED6F] - 30/01/2011 - 02:39:50 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvmfdx32.sys [1040544]
O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 30/01/2011 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040]
O58 - SDL:[MD5.4876E7C3184BDF50EDE043FEF616B867] - 30/01/2011 - 11:23:20 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor32.sys [115744]
O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 30/01/2011 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 30/01/2011 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.56661BEAE591E59067710B6CBCA78184] - 30/01/2011 - 17:13:00 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2016920]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 30/01/2011 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 30/01/2011 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504]
O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 30/01/2011 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784]
O58 - SDL:[MD5.5CE1CF27620B144E212D407CDB14D339] - 30/01/2011 - 17:32:07 ---A- . (.Acronis - Acronis Snapshot API.) -- C:\Windows\system32\drivers\snman380.sys [134272]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/01/2011 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [717296]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 30/01/2011 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 30/01/2011 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 30/01/2011 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.0C3B2A9C4BD2DD9A6C2E4084314DD719] - 30/01/2011 - 00:42:40 ---A- . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\Windows\system32\drivers\taphss.sys [32768]
O58 - SDL:[MD5.BE7B1A73272648622B39BE3C610E3CA0] - 30/01/2011 - 17:32:18 ---A- . (.Acronis - Acronis Try&Decide Volume Filter Driver.) -- C:\Windows\system32\drivers\tdrpm147.sys [971232]
O58 - SDL:[MD5.6DCB8DDB481CD3C40FA68593723B4D89] - 30/01/2011 - 17:32:11 ---A- . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\system32\drivers\tifsfilt.sys [44704]
O58 - SDL:[MD5.394FC70B88B7958FA85798BBC76D140A] - 30/01/2011 - 17:32:11 ---A- . (.Acronis - Acronis True Image Backup Archive Explorer.) -- C:\Windows\system32\drivers\timntr.sys [540000]
O58 - SDL:[MD5.7E55CBC1F285258C0475A8337F5BA324] - 30/01/2011 - 00:34:04 ---A- . (.High Criteria inc. - Total Recorder WDM audio driver.) -- C:\Windows\system32\drivers\TotRec7.sys [120472]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 30/01/2011 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 30/01/2011 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 30/01/2011 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.7AA7EC9A08DC2C39649C413B1A26E298] - 30/01/2011 - 15:45:21 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20152]
O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 30/01/2011 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232]
O58 - SDL:[MD5.59C90BC8317BD3F6E5559A4DEAF35090] - 23/07/2011 - 18:13:20 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Virtual Bus Enumerator Driver.) -- C:\Windows\system32\drivers\WmBEnum.sys [19336]
O58 - SDL:[MD5.999A4539AD634A741AFD357E290BD461] - 23/07/2011 - 18:13:28 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Hid Filter Driver.) -- C:\Windows\system32\drivers\WmFilter.sys [29192]
O58 - SDL:[MD5.0B8C64B13776F17537F0705FE62799C6] - 23/07/2011 - 18:13:44 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Virtual Hid Device Driver.) -- C:\Windows\system32\drivers\WmVirHid.sys [14728]
O58 - SDL:[MD5.8D388AEB1A12C1192AA9B4EBCEABCBA6] - 23/07/2011 - 18:13:52 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Translation Driver.) -- C:\Windows\system32\drivers\WmXlCore.sys [49160]
O58 - SDL:[MD5.AB2D77BF7222B007717ABB61B15F9AE2] - 30/01/2011 - 10:31:04 ---A- . (.X10 Wireless Technology, Inc. - X10 HID Control Interface.) -- C:\Windows\system32\drivers\x10hid.sys [13976]
O58 - SDL:[MD5.6BBF7A3BAB8FFDCCF82057FA2AAE2B7B] - 30/01/2011 - 15:18:18 ---A- . (.X10 Wireless Technology, Inc. - X10 USB Control Interface.) -- C:\Windows\system32\drivers\x10ufx2.sys [27416]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 07/08/2011 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 07/08/2011 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.539CA34FBC74EC366A0D751028C32A08] - 07/08/2011 - 09:57:54 ---A- . (...) -- C:\Windows\system32\epmntdrv.sys [14216]
O58 - SDL:[MD5.1F2F4AB15CE03ECC257FEB2F6DC5A013] - 07/08/2011 - 09:57:54 ---A- . (...) -- C:\Windows\system32\EuGdiDrv.sys [8456]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 07/08/2011 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 07/08/2011 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 07/08/2011 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 07/08/2011 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 07/08/2011 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 07/08/2011 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 07/08/2011 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 07/08/2011 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 07/08/2011 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 07/08/2011 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 07/08/2011 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 07/08/2011 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 07/08/2011 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
~ Scan Drivers in 00mn 02s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: RSIT - (.random/random.)
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 29/10/2008 - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe - Acronis Scheduler2 Service(AcrSch2Svc) .(.Acronis - Acronis Scheduler 2.) - LEGACY_ACRSCH2SVC
O64 - Services: CurCS - ??/??/???? - C:\Users\Patouche\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - 30/06/2011 - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe - COMODO Internet Security Helper Service(cmdAgent) .(.COMODO - COMODO Internet Security.) - LEGACY_CMDAGENT
O64 - Services: CurCS - 30/06/2011 - C:\Windows\system32\DRIVERS\cmderd.sys - COMODO Internet Security Eradication Driver(cmderd) .(.COMODO - COMODO Internet Security Eradication Driver.) - LEGACY_CMDERD
O64 - Services: CurCS - 30/06/2011 - C:\Windows\system32\DRIVERS\cmdguard.sys - COMODO Internet Security Sandbox Driver(cmdGuard) .(.COMODO - COMODO Internet Security Sandbox Driver.) - LEGACY_CMDGUARD
O64 - Services: CurCS - 30/06/2011 - C:\Windows\system32\DRIVERS\cmdhlp.sys - COMODO Internet Security Helper Driver(cmdHlp) .(.COMODO - COMODO Internet Security Helper Driver.) - LEGACY_CMDHLP
O64 - Services: CurCS - 25/09/2007 - C:\Program Files\MediaCoder\sysInfo.sys - CrystalSysInfo (CrystalSysInfo) .(...) - LEGACY_CRYSTALSYSINFO
O64 - Services: CurCS - 24/03/2011 - C:\Windows\system32\epmntdrv.sys - epmntdrv (epmntdrv) .(...) - LEGACY_EPMNTDRV
O64 - Services: CurCS - 24/03/2011 - C:\Windows\system32\EuGdiDrv.sys - EuGdiDrv (EuGdiDrv) .(...) - LEGACY_EUGDIDRV
O64 - Services: CurCS - 30/06/2011 - C:\Windows\system32\DRIVERS\inspect.sys - COMODO Internet Security Firewall Driver(Inspect) .(.COMODO - COMODO Internet Security Firewall Driver.) - LEGACY_INSPECT
O64 - Services: CurCS - ??/??/???? - C:\Users\Patouche\AppData\Local\Temp\mbr.sys (.not file.) - mbr (mbr) .(...) - LEGACY_MBR
O64 - Services: CurCS - 25/01/2007 - C:\Program Files\Common Files\NMSAccessU.exe - NMSAccessU (NMSAccessU) .(...) - LEGACY_NMSACCESSU
O64 - Services: CurCS - 04/04/2009 - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys - SASDIFSV(SASDIFSV) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - LEGACY_SASDIFSV
O64 - Services: CurCS - 17/11/2008 - C:\Program Files\SUPERAntiSpyware\SASENUM.sys - SASENUM(SASENUM) .(. SUPERAdBlocker.com and SUPERAntiSpyware.co - SASENUM.SYS.) - LEGACY_SASENUM
O64 - Services: CurCS - 21/09/2009 - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - SASKUTIL(SASKUTIL) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - LEGACY_SASKUTIL
O64 - Services: CurCS - 01/12/2009 - C:\Program Files\Sandboxie\SbieDrv.sys - SbieDrv(SbieDrv) .(.tzuk - Sandboxie Kernel Mode Driver.) - LEGACY_SBIEDRV
O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD
O64 - Services: CurCS - 13/01/2009 - C:\Windows\system32\DRIVERS\tifsfilt.sys - Acronis True Image FS Filter(tifsfilter) .(.Acronis - Acronis True Image File System Filter.) - LEGACY_TIFSFILTER
~ Scan Services in 00mn 03s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - Google
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Hotspot Shield Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} - (Private Search) - http://search.hotspotshield.com
~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.945D09C0925F771F907DEE3D0452ECF4] [sPRF][11/08/2011] (.Realtek - rtdrvmon.) -- C:\Users\Patouche\AppData\Local\Temp\rtdrvmon.exe [40960]
[MD5.503D8B4497FD2EE1F8212FD4A3ECD2B0] [sPRF][22/07/2011] (.Logitech - Pas de description.) -- C:\Users\Patouche\Desktop\driver joystick logitech precision xp&vista.exe [13876432]
[MD5.B3575BA6D7596C2A0366F54F7E698156] [sPRF][20/01/2011] (...) -- C:\Users\Patouche\Desktop\Simon.exe [1242454]
[MD5.DAB14AB84B651318A5F7CD8C7DB991A4] [sPRF][31/07/2011] (.Gibson Research Corp. - Universal Plug & Play Enable/Disable..) -- C:\Users\Patouche\Desktop\UnPnP.exe [22528]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]
[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032]
~ Scan Files in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{915F3C44-2AC4-40D6-8C72-012FD5AC2319}" | In - None - P17 - TRUE | .(.CyberLink Corp. - MakeDisc.) -- C:\Program Files\HomeCinema\MakeDisc\MakeDisc.exe
O87 - FAEL: "{70DF0481-5AE2-4957-B072-D0CA13455CC6}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files\HomeCinema\PowerDirector\PDR.exe
O87 - FAEL: "{558BFA19-D1F3-4648-9F16-7A7EBCCEBD2D}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDVD.) -- C:\Program Files\HomeCinema\PowerDVD\PowerDVD.exe
O87 - FAEL: "{35AD0F8D-5639-4C9C-9DC1-AE87ADA5F1BF}" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "{3F95FEDC-CD48-450A-A71E-E68D9220F758}" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{52E63CA1-8A04-4847-B728-F486703B3FE6}C:\vietcong\vietcong.exe" | In - Public - P6 - TRUE | .(...) -- C:\vietcong\vietcong.exe
O87 - FAEL: "UDP Query User{C0A20C5D-1F1D-4E0C-BBA3-1A32F5702E65}C:\vietcong\vietcong.exe" | In - Public - P17 - TRUE | .(...) -- C:\vietcong\vietcong.exe
O87 - FAEL: "TCP Query User{0556B251-244E-428F-B74B-760AA79FA315}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "UDP Query User{5599CD0F-B146-4C7B-87B7-7A02C0F18511}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "{42256B95-8EEE-445D-B0A8-7FC2250B589E}" | In - Private - P6 - TRUE | .(.Gas Powered Games - Dungeon Siege 2 Game Executable.) -- C:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe
O87 - FAEL: "{4485D963-83DD-4606-83D4-3F12F1777BB0}" | In - Private - P17 - TRUE | .(.Gas Powered Games - Dungeon Siege 2 Game Executable.) -- C:\Program Files\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe
O87 - FAEL: "TCP Query User{36426AAB-EEFD-46F7-B51B-DA6F11405758}C:\program files\utorrent\utorrent.exe" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files\utorrent\utorrent.exe
O87 - FAEL: "UDP Query User{479F9FE1-8FB2-468B-8A57-AAFFA75EB5B7}C:\program files\utorrent\utorrent.exe" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files\utorrent\utorrent.exe
O87 - FAEL: "{3239C7FC-8A00-48A7-BC0F-117D20017188}" | In - Private - P6 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O87 - FAEL: "{4B9FECCA-A312-47EE-807A-854F47C313AC}" | In - Private - P17 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O87 - FAEL: "TCP Query User{A8181ECD-242D-4D10-9A3E-71CE909375C2}C:\program files\free download manager\fdmwi.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files\free download manager\fdmwi.exe
O87 - FAEL: "UDP Query User{C234F548-F519-4275-ADD4-B409D7F1495E}C:\program files\free download manager\fdmwi.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files\free download manager\fdmwi.exe
O87 - FAEL: "TCP Query User{CE08CD50-123B-453B-9115-C85D581FC54B}C:\users\patouche\logiciels vrac\charon\charon.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\patouche\logiciels vrac\charon\charon.exe
O87 - FAEL: "UDP Query User{337526CB-9E61-494C-88FD-CA26EBA36302}C:\users\patouche\logiciels vrac\charon\charon.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\patouche\logiciels vrac\charon\charon.exe
O87 - FAEL: "TCP Query User{D79D032B-DFFF-4A43-9187-4FC13552353E}C:\program files\videolan\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe
O87 - FAEL: "UDP Query User{100C1AA6-E91E-4AC2-BEA3-6F8DA3B9F6CE}C:\program files\videolan\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe
O87 - FAEL: "TCP Query User{B17CF5A0-7D21-42B8-8CFF-7DF6BB155C1C}C:\program files\free download manager\fdm.exe" | In - Public - P6 - TRUE | .(.FreeDownloadManager.ORG - Free Download Manager.) -- C:\program files\free download manager\fdm.exe
O87 - FAEL: "UDP Query User{BE529950-976E-4610-A113-0E0A32BEA0B5}C:\program files\free download manager\fdm.exe" | In - Public - P17 - TRUE | .(.FreeDownloadManager.ORG - Free Download Manager.) -- C:\program files\free download manager\fdm.exe
O87 - FAEL: "TCP Query User{6E8227A8-D9F4-4E13-9640-F0A442F51C1E}C:\program files\paltalk messenger\paltalk.exe" | In - Public - P6 - TRUE | .(.AVM Software Inc. - PaltalkScene.) -- C:\program files\paltalk messenger\paltalk.exe
O87 - FAEL: "UDP Query User{8F2C6B48-8A66-4DC5-A933-BE4781664F33}C:\program files\paltalk messenger\paltalk.exe" | In - Public - P17 - TRUE | .(.AVM Software Inc. - PaltalkScene.) -- C:\program files\paltalk messenger\paltalk.exe
O87 - FAEL: "TCP Query User{7CA6C358-2566-4A92-BD41-3B7150CC3E46}C:\program files\yahoo!\messenger\yahoomessenger.exe" | In - Public - P6 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\program files\yahoo!\messenger\yahoomessenger.exe
O87 - FAEL: "UDP Query User{3FBD3E98-70EA-4362-9A2A-5F10D85539A1}C:\program files\yahoo!\messenger\yahoomessenger.exe" | In - Public - P17 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\program files\yahoo!\messenger\yahoomessenger.exe
O87 - FAEL: "TCP Query User{7021F29B-229E-4D80-8509-68D09FD80D37}C:\program files\mozilla firefox\firefox.exe" | In - Public - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "UDP Query User{FF938056-CA88-43D4-8904-031875C9ADDC}C:\program files\mozilla firefox\firefox.exe" | In - Public - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: "TCP Query User{83C26AF0-F13F-4D53-A6A9-25CF39C2BA14}C:\users\patouche\documents\transfert maxtor 40\program files\free download manager\fdmwi.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\patouche\documents\transfert maxtor 40\program
O87 - FAEL: "UDP Query User{780910C5-AF30-4EC0-A8FA-6F95C49A2F53}C:\users\patouche\documents\transfert maxtor 40\program files\free download manager\fdmwi.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\patouche\documents\transfert maxtor 40\program
O87 - FAEL: "TCP Query User{CEF5FFC6-C9C4-4F4D-A2E4-4F08A984ED97}C:\users\patouche\documents\transfert maxtor 40\program files\skype\phone\skype.exe" | In - Public - P6 - TRUE | .(.Skype Technologies S.A..) -- C:\users\patouche\documents\transfert maxtor
O87 - FAEL: "UDP Query User{76E9E3D0-C271-454D-8B19-1D76AA4000FE}C:\users\patouche\documents\transfert maxtor 40\program files\skype\phone\skype.exe" | In - Public - P17 - TRUE | .(.Skype Technologies S.A..) -- C:\users\patouche\documents\transfert maxto
O87 - FAEL: "{F70FB5D8-ABE6-404B-819B-5074EA3A7E9F}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Users\Patouche\Documents\Transfert Maxtor 40\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{85F2B4E0-BE34-464E-BD64-9DFAF7992C06}" | In - Public - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxczcoms.exe
O87 - FAEL: "{5EE0A869-F39A-4A51-BC30-B52EC5E90D2D}" | In - Public - P17 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxczcoms.exe
O87 - FAEL: "{0CD477EB-35FC-4CBC-AE40-B8B48BFB7926}" | In - Public - P6 - TRUE | .(.Lexmark International Inc. - Print Status Window Interface.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe
O87 - FAEL: "{50039E21-6C63-470B-A315-06DC30B35FF5}" | In - Public - P17 - TRUE | .(.Lexmark International Inc. - Print Status Window Interface.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe
O87 - FAEL: "TCP Query User{EA5B2A1A-BD1F-44CE-9E9F-19B45DFF85B5}C:\program files\encyclopaedia universalis 2011\encyclopaedia universalis 2011\universalis2011.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files\encyclopaedia universalis 2011\enc
O87 - FAEL: "UDP Query User{CE846682-1F86-43DD-991E-ABE0C93AD195}C:\program files\encyclopaedia universalis 2011\encyclopaedia universalis 2011\universalis2011.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files\encyclopaedia universalis 2011\en
O87 - FAEL: "{DD92BD18-D3E7-4E75-AB30-9D916C105957}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{4CDFEDB3-AA1F-40D4-AC2D-811E9236872F}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "TCP Query User{503EEEC5-0B8A-441B-9BA5-DE0125ED9033}C:\wamp\bin\apache\apache2.2.17\bin\httpd.exe" | In - Public - P6 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O87 - FAEL: "UDP Query User{88592D76-35CC-4E44-83EE-81E26B50BF31}C:\wamp\bin\apache\apache2.2.17\bin\httpd.exe" | In - Public - P17 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) -- C:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O87 - FAEL: "{DE960D2D-6357-4D86-8583-A871A6FF8262}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files\CyberLink\PowerDirector\PDR9.exe
~ Scan Firewall in 00mn 01s
---\\ Scan Additionnel (O88)
Database Version : 8614 - (09/08/2011)
Clés trouvées (Keys found) : 26
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.AskSBar
[HKLM\Software\Classes\Toolbar.CT1561552] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{4c07ea4f-5f52-4222-b170-4cd9ed33baea}] =>Adware.BHO
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.AskSBar
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.AskSBar
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b0de3308-5d5a-470d-81b9-634fc078393b}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}] =>Adware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c95a4e8e-816d-4655-8c79-d736da1adb6d}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c95a4e8e-816d-4655-8c79-d736da1adb6d}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{c95a4e8e-816d-4655-8c79-d736da1adb6d}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{f131923c-381d-4e4c-a472-4a17118fd742}] =>Adware.BHO
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar
[HKLM\SYSTEM\CurrentControlSet\Services\HssSrv] =>Toolbar.Agent
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\HotspotShield] =>Toolbar.Conduit
[HKLM\Software\HotspotShield] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
C:\Program Files\Babylon =>Toolbar.Babylon
C:\Program Files\Conduit =>Toolbar.Conduit
C:\Program Files\Hotspot Shield =>Toolbar.Conduit
C:\ProgramData\hssff =>Toolbar.Conduit
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield =>Toolbar.Conduit
C:\Users\Patouche\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar
C:\Users\Patouche\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Patouche\AppData\Roaming\Mozilla\Firefox\Profiles\pycqkpj7.default\Extensions\engine@conduit.com =>Toolbar.Conduit
~ Scan Additionnel in 00mn 10s
---\\ Recherche détournement de DNS routeur (O89)
Serveur : UnKnown
Address: 10.71.0.1
Nom : www.l.google.com
Addresses: 209.85.148.103
           209.85.148.104
           209.85.148.105
           209.85.148.106
           209.85.148.147
           209.85.148.99
Aliases: www.google.fr
         www.google.com
~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 07/08/2011 554264 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
SR - | Auto 07/08/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/08/2011 390872 | (cFosSpeedS) . (.cFos Software GmbH.) - C:\Program Files\cFosSpeed\spd.exe
SR - | Auto 07/08/2011 1793712 | C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (cmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SS - | Auto 07/08/2011 183280 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 07/08/2011 298824 | (hshld) . (...) - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
SR - | Auto 07/08/2011 363336 | (HssSrv) . (.AnchorFree Inc..) - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
SS - | Demand 07/08/2011 63976 | (HssTrayService) . (...) - C:\Program Files\Hotspot Shield\bin\HssTrayService.exe
SR - | Auto 07/08/2011 329544 | (HssWd) . (...) - C:\Program Files\Hotspot Shield\bin\hsswd.exe
SS - | Demand 07/08/2011 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Auto 07/08/2011 537520 | (lxcz_device) . (...) - C:\Windows\system32\lxczcoms.exe
SS - | Demand 07/08/2011 65536 | (NMSAccessU) . (...) - C:\Program Files\Common Files\NMSAccessU.exe
SR - | Auto 07/08/2011 615528 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 07/08/2011 2214504 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SR - | Auto 07/08/2011 66560 | (SbieSvc) . (.tzuk.) - C:\Program Files\Sandboxie\SbieSvc.exe
SR - | Auto 07/08/2011 275968 | (StarWindServiceAE) . (.Rocket Division Software.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
SR - | Auto 07/08/2011 378472 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SS - | Demand 07/08/2011 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 07/08/2011 362240 | C:\Windows\System32\TuneUpDefragService.exe (TuneUp.Defrag) . (.TuneUp Software.) - C:\Windows\System32\TuneUpDefragService.exe
SR - | Auto 07/08/2011 603904 | C:\Windows\System32\TUProgSt.exe (TuneUp.ProgramStatisticsSvc) . (.TuneUp Software.) - C:\Windows\System32\TUProgSt.exe
SR - | Auto 07/08/2011 21504 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SS - | Demand 07/08/2011 20549 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
SS - | Demand 07/08/2011 8133120 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe
SR - | Auto 07/08/2011 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
SR - | Auto 07/08/2011 20480 | (x10nets) . (.X10.) - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
~ Scan Services in 00mn 03s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Run by Patouche at 11/08/2011 10:56:24
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x85C291F8]<<
1 nt!IofCallDriver[0x82C5411B] -> \Device\Harddisk0\DR0[0x85DBD460]
3 CLASSPNP[0x8B3948B3] -> nt!IofCallDriver[0x82C5411B] -> [0x85CFCCD8]
5 acpi[0x8AF7C6BC] -> nt!IofCallDriver[0x82C5411B] -> \Device\Ide\IdeDeviceP2T0L0-3[0x85C5C3A0]
\Driver\atapi[0x85C93030] -> IRP_MJ_CREATE -> 0x85C291F8
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi -> 0x85c291f8
user & kernel MBR OK
Warning: possible MBR rootkit infection !
~ Scan MBR in 00mn 07s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Patouche at 11/08/2011 10:56:26
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 09s
End of the scan (1610 lines in 02mn 03s)(0)
ComboFix 11-08-07.03 - Patouche 11/08/2011 9:19.9.2 - x86 MINIMAL
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3071.2546 [GMT 2:00]
Lancé depuis: C:\ComboFix.exe
AV: COMODO Antivirus *Enabled/Updated* {7554F4C5-5EC0-2FC6-8192-8DF831DBED51}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-07-11 au 2011-08-11 ))))))))))))))))))))))))))))))))))))
.
.
2011-08-11 07:28 . 2011-08-11 07:28 -------- d-----w- c:\users\Patouche\AppData\Local\temp
2011-08-11 07:28 . 2011-08-11 07:28 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-08-11 07:28 . 2011-08-11 07:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-11 05:30 . 2011-08-11 05:46 -------- d-----w- c:\program files\RegTweaker
2011-08-10 08:54 . 2011-08-11 06:51 -------- d-----w- C:\ZHP
2011-08-10 08:26 . 2011-08-11 05:57 -------- d-----w- c:\program files\ZHPDiag
2011-08-08 17:50 . 2011-08-11 05:57 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-08-08 16:30 . 2011-08-08 16:30 -------- d-----w- c:\program files\Common Files\Borland Shared
2011-08-08 16:30 . 1999-11-12 03:11 183808 ----a-w- c:\windows\system32\BDEADMIN.CPL
2011-08-08 16:30 . 1999-01-20 03:01 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL
2011-08-08 16:30 . 2011-08-11 04:47 -------- d-----w- c:\program files\ZebHelpProcess
2011-08-08 04:29 . 2011-08-08 04:30 -------- d-----w- c:\program files\trend micro
2011-08-08 04:29 . 2011-08-08 04:30 -------- d-----w- C:\rsit
2011-08-04 19:28 . 2011-08-04 19:28 -------- d-----w- c:\users\Patouche\.swt
2011-08-02 19:43 . 2011-08-02 19:43 -------- d-----w- c:\programdata\hssff
2011-08-02 19:34 . 2011-08-02 19:34 -------- d-----w- c:\program files\Conduit
2011-08-02 19:34 . 2011-08-02 19:34 -------- d-----w- c:\program files\Hotspot_Shield
2011-08-02 19:33 . 2011-08-02 19:34 -------- d-----w- C:\Hotspot Shield
2011-08-02 19:32 . 2011-06-22 22:05 755016 ----a-w- c:\program files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor50.dll
2011-08-02 19:32 . 2011-08-02 19:34 -------- d-----w- c:\program files\Hotspot Shield
2011-08-02 19:32 . 2011-06-22 22:05 756552 ----a-w- c:\program files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor.dll
2011-07-31 13:24 . 2011-08-03 09:27 -------- d-----w- C:\My Works
2011-07-31 12:40 . 2011-08-06 15:35 -------- d-----w- c:\users\Patouche\binload
2011-07-30 21:31 . 2011-07-31 22:06 -------- d-----w- c:\programdata\SmartSound Software Inc
2011-07-30 21:31 . 2011-07-30 21:31 -------- d-----w- c:\programdata\eSellerate
2011-07-30 21:31 . 2011-07-30 21:31 -------- d-----w- c:\program files\SmartSound Software
2011-07-27 19:30 . 2011-08-04 05:31 -------- d-----w- c:\users\Patouche\AppData\Local\QuickPar
2011-07-27 19:28 . 2011-07-27 19:28 -------- d-----w- c:\program files\QuickPar
2011-07-27 06:10 . 2011-07-29 17:36 -------- d-----w- c:\users\Patouche\AppData\Roaming\vlc
2011-07-27 03:54 . 2011-08-04 19:34 -------- d-----w- c:\program files\Binload
2011-07-23 21:16 . 2011-07-28 04:07 -------- d-----w- c:\windows\Replay Video Capture
2011-07-23 21:16 . 2011-07-23 21:27 -------- d-----w- c:\program files\Replay Video Capture
2011-07-23 06:36 . 2011-07-23 07:10 -------- d-----w- c:\program files\Common Files\Logitech
2011-07-22 08:12 . 2011-07-22 08:12 -------- d-----w- c:\users\Patouche\AppData\Roaming\Hensense.com
2011-07-21 04:11 . 2011-07-21 04:11 -------- d-----w- c:\users\Public\Roaming
2011-07-20 13:52 . 2011-07-29 08:26 -------- d-----w- C:\HotSpot SFR Reconnect auto
2011-07-17 14:02 . 2011-07-17 14:02 -------- d-----w- c:\program files\Common Files\Apple
2011-07-17 14:02 . 2011-07-17 14:02 -------- d-----w- c:\users\Patouche\AppData\Local\Apple
2011-07-17 14:02 . 2011-07-17 14:02 -------- d-----w- c:\programdata\Apple
2011-07-17 14:02 . 2011-07-17 14:02 -------- d-----w- c:\program files\Apple Software Update
2011-07-17 13:40 . 2011-07-17 13:40 -------- d-----w- c:\windows\system32\Quark ShapeMaker Presets
2011-07-17 13:30 . 2011-07-17 13:30 -------- d-----w- c:\users\Patouche\AppData\Local\Apple Computer
2011-07-17 13:24 . 2011-07-17 13:24 -------- d-----w- c:\users\Patouche\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-07-17 13:23 . 2011-07-17 13:23 -------- d-----w- c:\users\Patouche\AppData\Roaming\com.adobe.DC3Module.AdobeADC
2011-07-17 13:01 . 2011-07-17 13:01 -------- d-----w- c:\users\Patouche\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-07-17 13:01 . 2011-07-17 13:01 -------- d-----w- c:\users\Patouche\AppData\Roaming\Adobe Mini Bridge CS5.1
2011-07-17 10:59 . 2011-07-18 12:16 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-07-17 09:54 . 2011-07-17 09:54 -------- d-----w- c:\users\Patouche\AppData\Roaming\Apple Computer
2011-07-17 09:48 . 2011-07-17 09:48 -------- d-----w- c:\users\Patouche\AppData\Roaming\Quark
2011-07-17 09:45 . 2011-07-17 09:45 -------- d-----w- c:\windows\system32\QuickTime
2011-07-17 09:44 . 2011-07-17 09:44 -------- d-----w- c:\programdata\Quark
2011-07-17 09:44 . 2011-07-17 09:44 -------- d-----w- C:\Program Files (x86)
2011-07-17 09:37 . 2011-07-17 14:05 -------- d-----w- c:\program files\QuickTime
2011-07-17 09:36 . 2011-07-17 14:05 -------- d-----w- c:\programdata\Apple Computer
2011-07-17 06:35 . 2011-07-17 06:35 3584 ----a-r- c:\users\Patouche\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2011-07-17 06:35 . 2011-07-17 06:35 -------- d-----w- c:\program files\Windows Installer Clean Up
2011-07-17 06:34 . 2011-07-17 06:38 -------- d-----w- c:\program files\MSECACHE
2011-07-13 15:20 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-07-13 15:20 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 15:20 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-12 20:33 . 2011-07-12 20:33 -------- d-----w- c:\program files\HFSExplorer
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-09 18:02 . 2011-07-09 18:02 78096 ----a-r- c:\users\Patouche\AppData\Roaming\Microsoft\Installer\{FE74C184-4939-4FFA-B8C9-8E0CD6A6AA57}\ARPPRODUCTICON.exe
2011-07-06 17:52 . 2009-07-27 06:26 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 17:52 . 2009-07-27 06:26 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-30 08:37 . 2010-03-03 15:53 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-06-30 08:37 . 2010-03-03 15:53 36568 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 08:37 . 2010-03-23 16:39 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 08:37 . 2010-03-03 15:53 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 08:37 . 2010-03-03 15:54 285256 ----a-w- c:\windows\system32\guard32.dll
2011-06-22 14:30 . 2011-05-16 18:46 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 19:55 . 2011-06-06 19:55 47512 ----a-w- c:\windows\system32\AdobePDF.dll
2011-06-06 19:55 . 2011-06-06 19:55 22936 ----a-w- c:\windows\system32\AdobePDFUI.dll
2011-05-24 23:40 . 2011-05-24 23:40 37376 ----a-w- c:\windows\system32\drivers\HssDrv.sys
2011-05-24 17:14 . 2009-10-03 14:15 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-21 04:01 . 2011-05-21 04:01 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-21 04:01 . 2011-05-21 04:01 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-21 04:01 . 2011-05-21 04:01 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-21 04:01 . 2011-05-21 04:01 5301352 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-21 04:01 . 2011-05-21 04:01 2804328 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-21 04:01 . 2011-05-21 04:01 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-21 04:01 . 2011-05-21 04:01 16456296 ----a-w- c:\windows\system32\nvoglv32.dll
2011-05-21 04:01 . 2011-05-21 04:01 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-21 04:01 . 2011-05-21 04:01 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-05-21 04:01 . 2011-05-21 04:01 10589800 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-21 04:01 . 2011-05-08 07:54 6555240 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-05-21 04:01 . 2011-05-08 07:54 2335848 ----a-w- c:\windows\system32\nvapi.dll
2011-05-21 04:01 . 2011-05-08 07:54 11992680 ----a-w- c:\windows\system32\nvd3dum.dll
2011-05-21 04:01 . 2011-04-07 20:43 543336 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-05-21 04:01 . 2011-04-07 20:43 615528 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-21 04:01 . 2011-04-07 20:43 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-21 04:01 . 2011-04-07 20:43 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-21 04:01 . 2011-04-07 20:43 3693672 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-21 04:01 . 2011-04-07 20:43 2557544 ----a-w- c:\windows\system32\nvsvc.dll
2011-05-21 04:01 . 2010-10-08 00:03 66664 ----a-w- c:\windows\system32\nvshext.dll
2007-01-25 01:52 . 2007-01-25 01:52 65536 ----a-w- c:\program files\Common Files\NMSAccessU.exe
2011-06-23 08:26 . 2011-04-15 10:35 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files\Hotspot_Shield\tbHots.dll" [2009-12-31 2349080]
.
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
2009-12-31 09:53 2349080 ----a-w- c:\program files\Hotspot_Shield\tbHots.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files\Hotspot_Shield\tbHots.dll" [2009-12-31 2349080]
.
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2009-12-01 389120]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-11-14 4706304]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696]
"lxczbmgr.exe"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2007-04-19 74672]
"cFosSpeed"="c:\program files\cFosSpeed\cFosSpeed.exe" [2009-03-17 881368]
.
c:\users\Patouche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-9-28 575488]
nwr_2-1-5.jar - Raccourci.lnk - c:\users\Patouche\Logiciels vrac\nwr WiFi HotSpot reconnect neuf sfr\nwr_2-1-5.jar [2011-7-29 110059]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-21 06:20 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave"=DrvTrNTm.dll
"mixer"=DrvTrNTm.dll
"aux5"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk]
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2011-06-06 19:55 2903448 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2011-06-06 19:55 36760 ----a-w- c:\program files\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-05-27 12:52 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF5 Registry Controller]
2008-12-13 01:27 58656 ----a-w- c:\program files\Nuance\PDF Create 5\RegistryController.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFHook]
2009-04-10 07:52 1277952 ----a-w- c:\program files\Nuance\PDF Create 5\PdfCreate5Hook.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"Nuance OmniPage 17-reminder"="c:\program files\Nuance\OmniPage17\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\OmniPage 17\Ereg\Ereg.ini"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-06-30 238960]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-06-30 36568]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-04-04 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-09-21 74480]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [2011-07-01 298824]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [2011-05-25 329544]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [2008-01-08 1302368]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-03-24 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-03-24 8456]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2007-09-21 554496]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-03-03 139368]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-11-17 7408]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [2008-04-16 120472]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-07-05 717296]
S0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\DRIVERS\tdrpm147.sys [2009-01-13 971232]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2011-06-30 19088]
S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2006-11-17 13976]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
.
2011-08-11 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-28 10:45]
.
.
------- Examen supplémentaire -------
.
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = 204.73.37.113:80
IE: Ajouter au fichier PDF existant - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Ajouter le contenu des liens sélectionnés à un fichier PDF existant - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Ajouter le contenu du lien à un fichier PDF existant - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Créer des fichiers PDF à partir des liens sélectionnés - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: Créer fichier PDF - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Créer un fichier PDF depuis le contenu du lien - c:\program files\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
TCP: DhcpNameServer = 109.0.66.10 109.0.66.20
FF - ProfilePath - c:\users\Patouche\AppData\Roaming\Mozilla\Firefox\Profiles\pycqkpj7.default\
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-08-11 09:28
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
Heure de fin: 2011-08-11 09:31:25
ComboFix-quarantined-files.txt 2011-08-11 07:31
ComboFix2.txt 2011-08-10 18:11
ComboFix3.txt 2011-08-10 10:04
ComboFix4.txt 2011-08-10 09:42
ComboFix5.txt 2011-08-11 07:18
.
Avant-CF: 151 597 215 744 octets libres
Après-CF: 151 479 582 720 octets libres
.
- - End Of File - - 3F8903AE111012FDCD314023E6A4AFB4