

KiS 2
Membres-
Compteur de contenus
3 -
Inscription
-
Dernière visite
Autres informations
-
Mes langues
Français
KiS 2's Achievements

Junior Member (3/12)
0
Réputation sur la communauté
-
Bonjours, et désolé d'avoir mis du temps a répondre. Bref.. la description du processus responsable (svchost.exe) est : Generic Host Process for win32 services en appuyant sur le (+) il apparait le wuauclt... puis disparait En arrêtant ce svchost, le thème Windows devient classique (genre Windows 98)
-
Merci pour votre réponse rapide et claire En procédant exactement comme vous dite Anti-malware a détecté 2 objets inféctés... éliminé avec succes Voici le repport de ZHPFix : Rapport de ZHPFix 1.12.3377 par Nicolas Coolman, Update du 26/12/2011 Fichier d'export Registre : Run by saidani at 07/01/2012 11:04:04 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Clé(s) du Registre ========== SUPPRIME Key: HKCU\Software\Elwofdd SUPPRIME Key: HKCU\Software\LdShih SUPPRIME Key: HKCU\Software\PopCap SUPPRIME Key: StartupReg: SpybotDeletingA1878 SUPPRIME Key: StartupReg: SpybotDeletingA4088 SUPPRIME Key: StartupReg: SpybotDeletingA6025 SUPPRIME Key: StartupReg: SpybotDeletingA8064 SUPPRIME Key: StartupReg: SpybotDeletingB1652 SUPPRIME Key: StartupReg: SpybotDeletingB7198 SUPPRIME Key: StartupReg: SpybotDeletingB8770 SUPPRIME Key: StartupReg: SpybotDeletingB9244 ========== Valeur(s) du Registre ========== ABSENT Valeur Standard Profile: FirewallRaz : Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ========== Elément(s) de donnée du Registre ========== REMPLACE Value AntiVirusOverride : Good (0) - Bad (1) REMPLACE Value AntiVirusDisableNotify : Good (0) - Bad (1) REMPLACE Value FirewallDisableNotify : Good (0) - Bad (1) REMPLACE Value FirewallOverride : Good (0) - Bad (1) REMPLACE Value UpdatesDisableNotify : Good (0) - Bad (1) REMPLACE Value UacDisableNotify : Good (0) - Bad (1) ========== Dossier(s) ========== SUPPRIME Flash Cookies: 1 SUPPRIME Temporaires Windows: : 72 ========== Fichier(s) ========== ABSENT File: d:\program files\mywebsearch\bar\1.bin\f3wallpp.dat ABSENT File: d:\program files\mywebsearch\bar\1.bin\m3plugin.dll ABSENT File: d:\program files\mywebsearch\bar\1.bin\m3medint.exe ABSENT File: d:\program files\mywebsearch\bar\1.bin\m3highin.exe SUPPRIME Flash Cookies: 0 SUPPRIME Temporaires Windows: : 16 ========== Récapitulatif ========== 11 : Clé(s) du Registre 2 : Valeur(s) du Registre 6 : Elément(s) de donnée du Registre 2 : Dossier(s) 6 : Fichier(s) End of clean in 01mn 39s ========== Chemin de fichier rapport ========== D:\ZHP\ZHPFix[R1].txt - 07/01/2012 11:04:04 [2085] ................................................... Seul souci : en lançant un programme la machine devien lente et le processus svchost.exe tourne a 100%
-
Bonjours, j'ai fais analysé mon PC avec ZHP diag.. mais je ne sais pas comment proceder par la suite merci d'analyser mon log et m'indiquer quoi faire ------------------------------------------------------------------------------------------------------------------- Rapport de ZHPDiag v1.28.307 par Nicolas Coolman, Update du 06/01/2012 Run by saidani at 06/01/2012 16:33:38 Web site : ZHPDiag Outil de diagnostic Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com State : Version à jour. ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox 9.0.1 v9.0.1 GCIE: Google Chrome v16.0.912.63 (Defaut) ---\\ Windows Product Information ~ Langage: Français Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ System Information ~ Processor: x86 Family 6 Model 14 Stepping 8, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 502 MB (18% free) System Restore: Activé (Enable) System drive D: has 29 GB (66%) free of 44 GB ---\\ Logged in mode ~ Computer Name: HP ~ User Name: saidani ~ All Users Names: SUPPORT_388945a0, saidani, HelpAssistant, ASPNET, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : D:\ ~ %AppData% : D:\Documents and Settings\saidani\Application Data\ ~ %Desktop% : D:\Documents and Settings\saidani\Bureau\ ~ %Favorites% : D:\Documents and Settings\saidani\Favoris\ ~ %LocalAppData% : D:\Documents and Settings\saidani\Local Settings\Application Data\ ~ %StartMenu% : D:\Documents and Settings\saidani\Menu Démarrer\ ~ %Windir% : D:\WINDOWS\ ~ %System% : D:\WINDOWS\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 29 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 29 Go of 44 Go) E:\ CD-ROM drive (Not Inserted) G:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 20 Go) I:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.06/01/2012 - 19:34:04.) -- D:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) (.06/01/2012 - 19:34:22.) -- D:\WINDOWS\system32\rundll32.exe [33792] [MD5.B0DF02C2326381D64149F3EEFAE5E09D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.06/01/2012 - 20:13:29.) -- D:\WINDOWS\system32\wininet.dll [916992] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.06/01/2012 - 19:34:30.) -- D:\WINDOWS\system32\Winlogon.exe [512000] [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.06/01/2012 - 14:49:54.) -- D:\WINDOWS\system32\drivers\AFD.sys [138496] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.06/01/2012 - 11:40:32.) -- D:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.06/01/2012 - 12:14:22.) -- D:\WINDOWS\system32\drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.06/01/2012 - 11:40:48.) -- D:\WINDOWS\system32\drivers\Cdrom.sys [62976] [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.06/01/2012 - 18:57:40.) -- D:\WINDOWS\system32\drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.06/01/2012 - 09:36:06.) -- D:\WINDOWS\system32\drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.06/01/2012 - 19:00:54.) -- D:\WINDOWS\system32\drivers\i8042prt.sys [54144] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.06/01/2012 - 11:41:00.) -- D:\WINDOWS\system32\drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.06/01/2012 - 11:57:16.) -- D:\WINDOWS\system32\drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.06/01/2012 - 12:19:44.) -- D:\WINDOWS\system32\drivers\IPSec.sys [75264] [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.06/01/2012 - 14:29:31.) -- D:\WINDOWS\system32\drivers\MRxSmb.sys [456320] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.06/01/2012 - 12:21:02.) -- D:\WINDOWS\system32\drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.06/01/2012 - 12:15:54.) -- D:\WINDOWS\system32\drivers\ntfs.sys [574976] [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.06/01/2012 - 19:09:42.) -- D:\WINDOWS\system32\drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.06/01/2012 - 12:19:44.) -- D:\WINDOWS\system32\drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.06/01/2012 - 11:32:52.) -- D:\WINDOWS\system32\drivers\rdpdr.sys [196224] [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.06/01/2012 - 18:57:36.) -- D:\WINDOWS\system32\drivers\redbook.sys [58752] [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/01/2012 - 18:56:06.) -- D:\WINDOWS\system32\drivers\volsnap.sys [53376] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/9 ~ Mes musiques (My Musics) : 6/1707 ~ Mes Videos (My Videos) : 1/6 ~ Mes Favoris (My Favorites) : 2/9 ~ Mes Documents (My Documents) : 24/2184 ~ Mon Bureau (My Desktop) : 2/371 ~ Menu demarrer (Programs) : 6/51 ~ Scan Hidden Files in 00mn 04s ---\\ Processus lancés [MD5.8C9D57338B02D95C0FC7DB428C50A001] - (.Intel® Corporation - Intel® Wireless Management Service.) -- D:\Program Files\Intel\WiFi\bin\S24EvMon.exe [882960] [PID.] [MD5.AA3DC7CBBF0C5D97003D06BAE094370F] - (.Logitech - Logitech LVPrcSrv Module..) -- d:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [81920] [PID.] [MD5.8ED60797908FD394EEE0D6949F493224] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- D:\WINDOWS\system32\agrsmsvc.exe [12800] [PID.] [MD5.C7BB95CF9631AA401E4ADED1648F6AF7] - (.ESET - ESET Service.) -- D:\Program Files\ESET\ESET Smart Security\ekrn.exe [974944] [PID.] [MD5.52859724EDD0EE282522225E056B6EB3] - (.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) -- D:\Program Files\Intel\WiFi\bin\EvtEng.exe [866576] [PID.] [MD5.9AA67569D5257462E230767510B0C815] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- D:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120] [PID.] [MD5.3B1A7CEA1E230103264405E0FB05532C] - (.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) -- D:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [481552] [PID.] [MD5.08C33341BED2E3EAA2C77A0B68EF9553] - (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- D:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248] [PID.2980] [MD5.0797714F98400D23E3951E33E709A4CE] - (.Agere Systems - SoftModem Messaging Applet.) -- D:\WINDOWS\AGRSMMSG.exe [88204] [PID.1228] [MD5.E44733C30F7FE6A1CE7A6B1D2B335CFC] - (.Intel Corporation - hkcmd Module.) -- D:\WINDOWS\system32\hkcmd.exe [159744] [PID.2996] [MD5.2022C54B3A79A51C9538CE47D1F50BC3] - (.Intel Corporation - persistence Module.) -- D:\WINDOWS\system32\igfxpers.exe [131072] [PID.3016] [MD5.C3ED032AF1C30F92546A698CC7173605] - (.ESET - ESET GUI.) -- D:\Program Files\ESET\ESET Smart Security\egui.exe [3080264] [PID.3028] [MD5.1D4F13DBB57C5152FC9A5DABBCFC78B4] - (.Intel Corporation - igfxsrvc Module.) -- D:\WINDOWS\system32\igfxsrvc.exe [249856] [PID.3068] [MD5.9315E6E806CFD11268E43524CD27CF8F] - (.Logitech - LVCom Server.) -- D:\WINDOWS\system32\LVCOMSX.EXE [225280] [PID.3072] [MD5.10075895F525648EA00B81AAC71A6099] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Config Servic.) -- D:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [1407248] [PID.2744] [MD5.2F815421FDB250426FFD7B3FE1597D52] - (.Intel® Corporation - Intel® PROSet/Wireless Framework.) -- D:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [1210640] [PID.3100] [MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe [955392] [PID.3124] [MD5.C171E287A16DD8C57D088BA79FC76A29] - (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe [3462552] [PID.3136] [MD5.11CCA710674739E3DB8F7450A5B650B6] - (.Mozilla Corporation - Firefox.) -- D:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.2488] [MD5.0619C9E7A3682C54BD226A831897CD06] - (.Mozilla Corporation - Plugin Container for Firefox.) -- D:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.2016] [MD5.765F011AADC5DBD2DD82AF284C4A4E45] - (.Nicolas Coolman - Diagnostic Tool.) -- D:\Program Files\ZHPDiag\ZHPDiag.exe [2209792] [PID.3868] ~ Scan Processes Running in 00mn 02s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [ahcaniaehcjkignnobkmdgacafghkplh] Friendly Gaming Simplifier v.name: Friendly Gaming Simplifier, (Activé) G2 - GCE: Preference [user Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.5.9 (Activé) ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) D:\Documents and Settings\saidani\Application Data\Mozilla\Firefox\Profiles\qj5e0m0q.default\prefs.js D:\Documents and Settings\saidani\Application Data\Mozilla\Firefox\Profiles\qj5e0m0q.default\user.js M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml M0 - MFSP: prefs.js [saidani - qj5e0m0q.default] Google M2 - MFEP: prefs.js [saidani - qj5e0m0q.default\07n156@gmail(2).com] [] Megaupload Integration v1.1 (.PBreak, 07N156.) P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.06 for Firefox.) -- D:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- D:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- D:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- D:\Program Files\Mozilla Firefox\Plugins\npzylomgamesplayer.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- D:\WINDOWS\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_30 for Mozilla browsers.) -- D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- D:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- D:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- D:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- D:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.11] - (.the VideoLAN Team - Version 1.1.11, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- D:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- D:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Bing R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19165 (longhorn_ie8_gdr.111021-1715)) -- D:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 02s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- D:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- D:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ~ Scan BHO in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [AzMixerSel] . (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- D:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [AGRSMMSG] . (.Agere Systems - SoftModem Messaging Applet.) -- D:\WINDOWS\AGRSMMSG.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- D:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- D:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- D:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- D:\Program Files\ESET\ESET Smart Security\egui.exe O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech - LVCom Server.) -- D:\WINDOWS\system32\LVCOMSX.exe O4 - HKLM\..\Run: [intelZeroConfig] . (.Intel® Corporation - Intel® PROSet/Wireless Zero Config Servic.) -- D:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe O4 - HKLM\..\Run: [intelWireless] . (.Intel® Corporation - Intel® PROSet/Wireless Framework.) -- D:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe O4 - HKCU\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1708537768-963894560-725345543-1003\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-21-1708537768-963894560-725345543-1003\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe O4 - HKUS\S-1-5-21-1708537768-963894560-725345543-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- D:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A91000000001}\SC_Reader.ico O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- D:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- D:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- D:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- D:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- D:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- D:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- D:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- D:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A91000000001}\SC_Reader.ico O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- D:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- D:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- D:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- D:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- D:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- D:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- D:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- D:\Program Files\MICROS~2\OFFICE11\EXCEL.exe O8 - Extra context menu item: Télécharger avec IDM . (...) -- D:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Télécharger tous les liens avec IDM . (...) -- D:\Program Files\Internet Download Manager\IEGetAll.htm ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- D:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (...) -- D:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- D:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- D:\Program Files\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- D:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\system32\mswsock.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1319899727062 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1319900881343 O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{C4967D0D-94C4-4FC9-A5B4-16048C9D5990}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{CFE8CB45-56DA-4314-9B78-C79456B13E3C}: NameServer = 41.221.20.4 213.140.2.12 O17 - HKLM\System\CS2\Services\Tcpip\..\{C4967D0D-94C4-4FC9-A5B4-16048C9D5990}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- D:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- D:\WINDOWS\system32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- D:\WINDOWS\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- D:\WINDOWS\system32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- D:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.dll O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- D:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- D:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- D:\WINDOWS\system32\wiascr.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- D:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- D:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- D:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\shell32.dll O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- D:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- D:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- D:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- D:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- D:\WINDOWS\system32\igfxdev.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- D:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\WINDOWS\system32\wlnotify.dll ~ Scan Winlogon in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\shell32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- D:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- D:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- D:\WINDOWS\system32\WPDShServiceObj.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- D:\WINDOWS\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - D:\WINDOWS\system32\agrsmsvc.exe O23 - Service: Avira Upgrade Service (AntiVirUpgradeService) . (...) - D:\DOCUME~1\saidani\LOCALS~1\Temp\AVSETUP_4a434603\basic\avupgsvc.exe (.not file.) O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - D:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) . (.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) - D:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - D:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) . (.Logitech - Logitech LVPrcSrv Module..) - D:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - D:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) - D:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) . (.Intel® Corporation - Intel® Wireless Management Service.) - D:\Program Files\Intel\WiFi\bin\S24EvMon.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - D:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-963894560-725345543-1003Core.job O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-963894560-725345543-1003UA.job [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- D:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- D:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1708537768-963894560-725345543-1003Core] (.Google Inc..) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1708537768-963894560-725345543-1003UA] (.Google Inc..) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Update\GoogleUpdate.exe ~ Scan Scheduled Task in 00mn 01s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- D:\WINDOWS\system32\ieudinit.exe O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media de Microsoft.) -- D:\WINDOWS\inf\unregmp2.exe O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- D:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- D:\WINDOWS\system32\iedkcs32.dll O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- D:\WINDOWS\system32\msjava.dll O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- D:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- D:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- D:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- D:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- D:\WINDOWS\system32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- D:\WINDOWS\INF\wmp11.inf O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- D:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- d:\WINDOWS\system32\mscories.dll O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r28.) -- D:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx ~ Scan Active Setup in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - D:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - D:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - D:\WINDOWS\system32\DRIVERS\ehdrv.sys O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - D:\WINDOWS\system32\Drivers\ElbyCDIO.sys O41 - Driver: (epfwtdi) . (.ESET - ESET Personal Firewall TDI filter.) - D:\WINDOWS\system32\DRIVERS\epfwtdi.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - D:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (IDMTDI) . (.Tonec Inc. - Internet Download Manager TDI Driver.) - D:\WINDOWS\system32\DRIVERS\idmtdi.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - D:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - D:\WINDOWS\system32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - D:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - D:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - D:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - D:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - D:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - D:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - D:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - D:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - D:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - D:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - D:\WINDOWS\system32\DRIVERS\ssmdrv.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - D:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - D:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - D:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - D:\WINDOWS\system32\DRIVERS\wmiacpi.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip O42 - Logiciel: Acer OrbiCam Application - (.Acer.) [HKLM] -- {0F79C1B2-36B2-4B62-8221-42721CF54638} O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems, Inc..) [HKLM] -- {BB65C393-C76E-4F06-9B0C-2124AA8AF97B} O42 - Logiciel: Adobe Reader 9.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001} O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Agere Systems HDA Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} O42 - Logiciel: AutoCAD 2008 - Français - (.Autodesk.) [HKLM] -- AutoCAD 2008 - Français O42 - Logiciel: Autodesk DWF Viewer 7 - (.Autodesk, Inc..) [HKLM] -- {9A346205-EA92-4406-B1AB-50379DA3F057} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler O42 - Logiciel: EASEUS Partition Master 9.1.0 Home Edition - (.EASEUS.) [HKLM] -- EASEUS Partition Master Home Edition_is1 O42 - Logiciel: EPSON SX218 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX218 Series O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner O42 - Logiciel: FormatFactory 2.80 - (.Free Time.) [HKLM] -- FormatFactory O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E} O42 - Logiciel: HP Deskjet Printer Driver Software 9.0 - (.HP.) [HKLM] -- {F5936267-D467-4e7b-8940-A7D9F0398EF3} O42 - Logiciel: HP Imaging Device Functions 9.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP PSC & Officejet 5.3.B Corporate Edition - (.HP.) [HKLM] -- {49FB31C1-26EC-44c6-AB47-73C66E2BC41E} O42 - Logiciel: HP Photosmart Essential 2.01 - (.HP.) [HKLM] -- HP Photosmart Essential O42 - Logiciel: HP Solution Center 9.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 O42 - Logiciel: Hotfix for Windows XP (KB915800-v4) - (.Microsoft Corporation.) [HKLM] -- KB915800-v4 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI O42 - Logiciel: Intel® Integrated Performance Primitives 6.0 Update 2 for Windows* on Intel® IA-32 architecture - (.Intel Corporation.) [HKLM] -- {F52BAEF4-ED5E-49BC-856C-ABA3BD34DDBB} O42 - Logiciel: Internet Download Manager - (.Pas de propriétaire.) [HKLM] -- Internet Download Manager O42 - Logiciel: Java 6 Update 30 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: Logitech Video Enumerator - (.Logitech Inc..) [HKLM] -- {EA516024-D84D-41F1-814F-83175A6188F2} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 6.0 Parser - (.Microsoft Corporation.) [HKLM] -- {AEB9948B-4FF2-47C9-990E-47014492A0FE} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {1DEBA687-2E7D-4372-8285-F356B3FD1588} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2572067) - (.Pas de propriétaire.) [HKLM] -- M2572067 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA O42 - Logiciel: Mozilla Firefox 9.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 9.0.1 (x86 fr) O42 - Logiciel: Nero 8 Lite 8.3.2.1 - (.Updatepack.nl.) [HKLM] -- Nero8Lite_is1 O42 - Logiciel: Ontrack EasyRecovery Professional - (.Kroll Ontrack Inc..) [HKLM] -- InstallShield_{268723B7-A994-4286-9F85-B974D5CAFC7B} O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce - (.Microsoft Corporation.) [HKLM] -- KB909520 O42 - Logiciel: PhotoFiltre Studio X - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre Studio X O42 - Logiciel: Programme de gestion Acer OrbiCam - (.Pas de propriétaire.) [HKLM] -- AcerOrbiCamDrv O42 - Logiciel: REALTEK GbE & FE Ethernet PCI NIC Driver - (.Realtek.) [HKLM] -- {ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Windows Search 4 - KB963093 - (.Microsoft Corporation.) [HKLM] -- KB963093 O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2 O42 - Logiciel: System Requirements Lab for Intel - (.Husdawg, LLC.) [HKLM] -- {CD41B576-4787-4D5C-95EE-24A4ABD89CD3} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Management Framework Core - (.Microsoft Corporation.) [HKLM] -- KB968930 O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\Acer] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\ApplianTechnologies] [HKCU\Software\Autodesk] [HKCU\Software\Awkanaf] [HKCU\Software\Binary Noise] [HKCU\Software\BitComet] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\DT Soft] [HKCU\Software\Digital River] [HKCU\Software\DivXNetworks] [HKCU\Software\DownloadManager] [HKCU\Software\EASEUS] [HKCU\Software\EPSON] [HKCU\Software\ESET] [HKCU\Software\Elaborate Bytes] [HKCU\Software\Elwofdd] [HKCU\Software\FreeTime] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Headlight] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\JollyBear] [HKCU\Software\LAventure] [HKCU\Software\Lavalys] [HKCU\Software\LdShih] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Logitech] [HKCU\Software\Macromedia] [HKCU\Software\Magical Jelly Bean Software] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Nadeo] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Northcode Inc] [HKCU\Software\ODBC] [HKCU\Software\PS2EMU] [HKCU\Software\PS2Eplugin] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PopCap] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\Replay Media Catcher] [HKCU\Software\SFX TEAM] [HKCU\Software\SOFTWIN] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SecuROM] [HKCU\Software\Skype] [HKCU\Software\SpinTop] [HKCU\Software\Sysinternals] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\WinRAR] [HKCU\Software\Winamp] [HKCU\Software\Zylom] [HKCU\Software\Zyrax Software] [HKCU\Software\bntrp] [HKCU\Software\cybelsoft] [HKCU\Software\elSoftware] [HKCU\Software\mmtest] [HKCU\Software\saidani914] [HKCU\Software\wrfke] [HKLM\Software\ACE Compression Software] [HKLM\Software\Adobe] [HKLM\Software\Agere] [HKLM\Software\Ahead] [HKLM\Software\Autodesk] [HKLM\Software\AviSynth] [HKLM\Software\C07ft5Y] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\EPSON] [HKLM\Software\ESET] [HKLM\Software\Elaborate Bytes] [HKLM\Software\Foreignword] [HKLM\Software\GNU] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\InstallShield] [HKLM\Software\Intel Corporation] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\MDC] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\ODBC] [HKLM\Software\Ontrack] [HKLM\Software\PGWARE] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\S3R521] [HKLM\Software\SOFTWIN] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Schlumberger] [HKLM\Software\Swearware] [HKLM\Software\The Silicon Realms Toolworks] [HKLM\Software\TrendMicro] [HKLM\Software\VideoLAN] [HKLM\Software\WiFi Hopper] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Windows] [HKLM\Software\cybelsoft] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 03/06/2009 - 13:30:14 - [2,951] ----D- D:\Program Files\7-Zip O43 - CFD: 27/12/2002 - 22:08:24 - [5,477] ----D- D:\Program Files\Acer O43 - CFD: 24/05/2009 - 18:13:48 - [227,415] ----D- D:\Program Files\Adobe O43 - CFD: 03/06/2002 - 18:59:32 - [529,252] ----D- D:\Program Files\AutoCAD 2008 O43 - CFD: 03/06/2002 - 18:56:12 - [36,713] ----D- D:\Program Files\Autodesk O43 - CFD: 02/01/2012 - 11:57:04 - [4,160] ----D- D:\Program Files\CCleaner O43 - CFD: 03/06/2008 - 17:24:50 - [0] ----D- D:\Program Files\ComPlus Applications O43 - CFD: 14/12/2011 - 10:56:36 - [4,421] ----D- D:\Program Files\Defraggler O43 - CFD: 01/06/2009 - 21:26:32 - [0,758] ----D- D:\Program Files\DIFX O43 - CFD: 09/12/2011 - 14:20:44 - [0,664] ----D- D:\Program Files\DivX O43 - CFD: 28/10/2011 - 18:08:46 - [36,830] ----D- D:\Program Files\EASEUS O43 - CFD: 28/10/2011 - 18:42:46 - [2,066] ----D- D:\Program Files\Elaborate Bytes O43 - CFD: 20/06/2011 - 21:12:02 - [7,941] ----D- D:\Program Files\epson O43 - CFD: 09/12/2011 - 15:11:52 - [70,541] ----D- D:\Program Files\ESET O43 - CFD: 09/12/2011 - 15:08:16 - [468,358] ----D- D:\Program Files\Fichiers communs O43 - CFD: 02/01/2012 - 23:49:06 - [114,229] ----D- D:\Program Files\FreeTime O43 - CFD: 29/10/2011 - 17:30:34 - [124,695] ----D- D:\Program Files\Google O43 - CFD: 04/12/2011 - 12:41:42 - [155,649] ----D- D:\Program Files\HP O43 - CFD: 02/11/2011 - 11:46:14 - [9,486] --H-D- D:\Program Files\InstallShield Installation Information O43 - CFD: 29/11/2011 - 21:39:06 - [1208,029] ----D- D:\Program Files\Intel O43 - CFD: 04/01/2012 - 09:59:34 - [13,410] ----D- D:\Program Files\Internet Download Manager O43 - CFD: 06/01/2012 - 12:29:46 - [4,570] ----D- D:\Program Files\Internet Explorer O43 - CFD: 16/12/2011 - 15:58:06 - [78,024] ----D- D:\Program Files\Java O43 - CFD: 08/04/2011 - 20:15:30 - [79,707] ----D- D:\Program Files\Kroll Ontrack O43 - CFD: 02/11/2011 - 13:01:54 - [6,211] ----D- D:\Program Files\ma-config.com O43 - CFD: 04/12/2011 - 12:41:20 - [0] ----D- D:\Program Files\MediaCoder O43 - CFD: 02/11/2011 - 17:02:12 - [2,053] ----D- D:\Program Files\Messenger O43 - CFD: 03/11/2011 - 16:44:32 - [0,764] ----D- D:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 03/06/2008 - 17:33:46 - [0] ----D- D:\Program Files\microsoft frontpage O43 - CFD: 27/11/2011 - 17:49:10 - [203,640] ----D- D:\Program Files\Microsoft Office O43 - CFD: 03/11/2011 - 17:01:08 - [36,633] ----D- D:\Program Files\Microsoft Silverlight O43 - CFD: 03/12/2002 - 21:24:36 - [0,014] ----D- D:\Program Files\Microsoft Visual Studio O43 - CFD: 03/11/2011 - 21:38:54 - [4,166] ----D- D:\Program Files\Microsoft Works O43 - CFD: 03/12/2002 - 21:24:22 - [0,125] ----D- D:\Program Files\Microsoft.NET O43 - CFD: 02/11/2011 - 16:46:32 - [9,894] ----D- D:\Program Files\Movie Maker O43 - CFD: 02/01/2012 - 00:47:36 - [39,045] ----D- D:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2011 - 17:18:02 - [0,025] ----D- D:\Program Files\MSBuild O43 - CFD: 23/06/2009 - 14:04:16 - [28,414] ----D- D:\Program Files\MSECache O43 - CFD: 30/07/2009 - 21:50:18 - [18,385] ----D- D:\Program Files\MSN O43 - CFD: 03/06/2008 - 17:24:24 - [8,341] ----D- D:\Program Files\MSN Gaming Zone O43 - CFD: 02/11/2011 - 16:44:48 - [0] ----D- D:\Program Files\MSXML 4.0 O43 - CFD: 27/09/2002 - 16:07:26 - [54,608] ----D- D:\Program Files\Nero O43 - CFD: 17/01/2003 - 14:48:50 - [3,133] ----D- D:\Program Files\NetMeeting O43 - CFD: 03/06/2008 - 17:24:34 - [0,002] ----D- D:\Program Files\Online Services O43 - CFD: 02/11/2011 - 16:47:08 - [4,176] ----D- D:\Program Files\Outlook Express O43 - CFD: 30/07/2009 - 21:50:08 - [0,182] ----D- D:\Program Files\PC Tools AntiVirus O43 - CFD: 03/01/2012 - 13:57:58 - [13,582] ----D- D:\Program Files\PhotoFiltre Studio X O43 - CFD: 02/11/2011 - 11:46:16 - [43,922] ----D- D:\Program Files\Realtek O43 - CFD: 02/11/2011 - 17:17:30 - [34,715] ----D- D:\Program Files\Reference Assemblies O43 - CFD: 03/06/2008 - 17:32:00 - [0,001] ----D- D:\Program Files\Services en ligne O43 - CFD: 04/01/2012 - 11:01:06 - [63,738] ----D- D:\Program Files\Spybot - Search & Destroy O43 - CFD: 28/11/2011 - 19:13:10 - [1,273] ----D- D:\Program Files\SuperCopier2 O43 - CFD: 02/11/2011 - 12:35:38 - [0,758] ----D- D:\Program Files\SystemRequirementsLab O43 - CFD: 02/05/2011 - 19:54:32 - [0,009] ----D- D:\Program Files\Trend Micro O43 - CFD: 30/07/2009 - 21:42:12 - [1,065] ----D- D:\Program Files\UltimateZip O43 - CFD: 03/06/2008 - 17:39:12 - [0] --H-D- D:\Program Files\Uninstall Information O43 - CFD: 03/09/2002 - 15:28:20 - [80,962] ----D- D:\Program Files\VideoLAN O43 - CFD: 03/01/2012 - 12:01:12 - [0,026] ----D- D:\Program Files\VideoReDoTVSuite4 O43 - CFD: 14/12/2011 - 13:23:56 - [0] ----D- D:\Program Files\Windows Desktop Search O43 - CFD: 04/01/2012 - 11:15:14 - [14,588] ----D- D:\Program Files\Windows Live O43 - CFD: 19/05/2009 - 21:36:06 - [0,234] ----D- D:\Program Files\Windows Live SkyDrive O43 - CFD: 03/11/2011 - 16:50:06 - [3,415] ----D- D:\Program Files\Windows Media Connect 2 O43 - CFD: 04/11/2011 - 16:10:38 - [20,903] ----D- D:\Program Files\Windows Media Player O43 - CFD: 17/01/2003 - 14:48:40 - [3,760] ----D- D:\Program Files\Windows NT O43 - CFD: 03/06/2008 - 17:32:06 - [0] --H-D- D:\Program Files\WindowsUpdate O43 - CFD: 03/09/2002 - 15:25:36 - [4,353] ----D- D:\Program Files\WinRAR O43 - CFD: 03/06/2008 - 17:33:46 - [0] ----D- D:\Program Files\xerox O43 - CFD: 06/01/2012 - 16:33:52 - [9,203] ----D- D:\Program Files\ZHPDiag O43 - CFD: 27/12/2002 - 22:08:40 - [31,556] ----D- D:\Program Files\Fichiers Communs\Acer O43 - CFD: 09/06/2009 - 19:32:36 - [4,448] ----D- D:\Program Files\Fichiers Communs\Adobe O43 - CFD: 03/06/2002 - 18:59:36 - [47,054] ----D- D:\Program Files\Fichiers Communs\Autodesk Shared O43 - CFD: 03/12/2002 - 21:24:54 - [0,189] ----D- D:\Program Files\Fichiers Communs\Designer O43 - CFD: 21/05/2009 - 23:02:24 - [1,352] ----D- D:\Program Files\Fichiers Communs\DFX O43 - CFD: 05/03/2003 - 20:31:56 - [0,013] ----D- D:\Program Files\Fichiers Communs\DirectX O43 - CFD: 17/06/2011 - 15:13:06 - [0,263] ----D- D:\Program Files\Fichiers Communs\EPSON O43 - CFD: 04/02/2003 - 21:45:24 - [0,436] ----D- D:\Program Files\Fichiers Communs\Hewlett-Packard O43 - CFD: 12/03/2011 - 11:35:26 - [4,768] ----D- D:\Program Files\Fichiers Communs\HP O43 - CFD: 03/06/2002 - 18:56:32 - [10,227] ----D- D:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 29/11/2011 - 21:39:06 - [9,524] ----D- D:\Program Files\Fichiers Communs\Intel O43 - CFD: 02/11/2011 - 11:45:42 - [1,201] ----D- D:\Program Files\Fichiers Communs\Java O43 - CFD: 05/11/2011 - 12:57:08 - [6,995] ----D- D:\Program Files\Fichiers Communs\Logitech O43 - CFD: 03/11/2010 - 22:50:10 - [0,622] ----D- D:\Program Files\Fichiers Communs\Macrovision Shared O43 - CFD: 22/11/2011 - 14:39:34 - [293,473] ----D- D:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 03/06/2008 - 17:26:18 - [0,271] ----D- D:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 27/09/2002 - 16:07:12 - [39,057] ----D- D:\Program Files\Fichiers Communs\Nero O43 - CFD: 03/06/2002 - 19:01:04 - [0] ----D- D:\Program Files\Fichiers Communs\ODBC O43 - CFD: 03/06/2008 - 17:26:22 - [0,008] ----D- D:\Program Files\Fichiers Communs\Services O43 - CFD: 09/12/2002 - 20:59:02 - [0,445] ----D- D:\Program Files\Fichiers Communs\Softwin O43 - CFD: 03/06/2002 - 19:01:00 - [3,612] ----D- D:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 24/05/2009 - 16:36:24 - [0] ----D- D:\Program Files\Fichiers Communs\SWF Studio O43 - CFD: 17/01/2003 - 14:48:34 - [12,845] ----D- D:\Program Files\Fichiers Communs\System O43 - CFD: 19/05/2009 - 21:02:22 - [0] ----D- D:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 27/10/2011 - 09:22:44 - [2,211] ----D- D:\Documents and Settings\saidani\Application Data\Adobe O43 - CFD: 03/06/2008 - 18:00:58 - [0] ----D- D:\Documents and Settings\saidani\Application Data\AdobeUM O43 - CFD: 03/12/2002 - 21:57:38 - [7,768] ----D- D:\Documents and Settings\saidani\Application Data\Autodesk O43 - CFD: 13/06/2011 - 21:45:28 - [0,001] ----D- D:\Documents and Settings\saidani\Application Data\BatteryBar O43 - CFD: 04/12/2011 - 12:41:14 - [0] ----D- D:\Documents and Settings\saidani\Application Data\Broad Intelligence O43 - CFD: 21/10/2011 - 11:16:40 - [0] ----D- D:\Documents and Settings\saidani\Application Data\DAEMON Tools Lite O43 - CFD: 01/06/2009 - 22:33:20 - [0,016] ----D- D:\Documents and Settings\saidani\Application Data\DivX O43 - CFD: 06/01/2012 - 16:17:36 - [0,020] ----D- D:\Documents and Settings\saidani\Application Data\DMCache O43 - CFD: 08/12/2009 - 15:36:14 - [0,000] ----D- D:\Documents and Settings\saidani\Application Data\dvdcss O43 - CFD: 17/06/2009 - 18:13:16 - [0,000] ----D- D:\Documents and Settings\saidani\Application Data\EmailNotifier(2) O43 - CFD: 03/11/2010 - 20:45:20 - [0] ----D- D:\Documents and Settings\saidani\Application Data\ESET O43 - CFD: 31/05/2009 - 17:13:40 - [0] ----D- D:\Documents and Settings\saidani\Application Data\FastStone O43 - CFD: 18/10/2009 - 16:43:56 - [0,014] ----D- D:\Documents and Settings\saidani\Application Data\Flood Light Games O43 - CFD: 03/11/2010 - 19:30:06 - [0,003] ----D- D:\Documents and Settings\saidani\Application Data\GetRightToGo O43 - CFD: 29/10/2011 - 17:31:48 - [0,074] ----D- D:\Documents and Settings\saidani\Application Data\Google O43 - CFD: 03/01/2012 - 14:00:22 - [0,000] ----D- D:\Documents and Settings\saidani\Application Data\Identities O43 - CFD: 01/01/2012 - 22:02:44 - [262,996] ----D- D:\Documents and Settings\saidani\Application Data\IDM O43 - CFD: 29/11/2011 - 21:40:42 - [0,026] ----D- D:\Documents and Settings\saidani\Application Data\Intel O43 - CFD: 15/06/2009 - 16:49:06 - [0,001] ----D- D:\Documents and Settings\saidani\Application Data\Macromedia O43 - CFD: 19/02/2010 - 20:35:30 - [4,865] -S--D- D:\Documents and Settings\saidani\Application Data\Microsoft O43 - CFD: 31/05/2009 - 15:46:46 - [20,430] ----D- D:\Documents and Settings\saidani\Application Data\Mozilla O43 - CFD: 04/07/2009 - 15:01:08 - [0,000] ----D- D:\Documents and Settings\saidani\Application Data\MSNInstaller O43 - CFD: 30/07/2009 - 21:50:20 - [0] ----D- D:\Documents and Settings\saidani\Application Data\NCH Swift Sound O43 - CFD: 27/09/2002 - 16:10:00 - [0,184] ----D- D:\Documents and Settings\saidani\Application Data\Nero O43 - CFD: 13/06/2009 - 19:30:26 - [0,030] ----D- D:\Documents and Settings\saidani\Application Data\ooVoo Details O43 - CFD: 18/06/2009 - 22:52:38 - [0,001] ----D- D:\Documents and Settings\saidani\Application Data\oovootb O43 - CFD: 03/09/2002 - 11:50:06 - [0,259] ----D- D:\Documents and Settings\saidani\Application Data\Opera O43 - CFD: 03/01/2012 - 14:22:44 - [0,000] ----D- D:\Documents and Settings\saidani\Application Data\PhotoFiltre Studio X O43 - CFD: 03/11/2010 - 19:55:52 - [0] ----D- D:\Documents and Settings\saidani\Application Data\skypePM O43 - CFD: 31/05/2009 - 17:55:14 - [1,271] ----D- D:\Documents and Settings\saidani\Application Data\Sun O43 - CFD: 02/11/2011 - 11:40:32 - [0,387] ----D- D:\Documents and Settings\saidani\Application Data\SystemRequirementsLab O43 - CFD: 23/03/2003 - 12:49:52 - [0,101] ----D- D:\Documents and Settings\saidani\Application Data\THQ O43 - CFD: 31/05/2009 - 18:02:00 - [0,019] ----D- D:\Documents and Settings\saidani\Application Data\VitySoft O43 - CFD: 07/04/2003 - 23:53:28 - [0,459] ----D- D:\Documents and Settings\saidani\Application Data\vlc O43 - CFD: 28/11/2011 - 18:14:12 - [0] ----D- D:\Documents and Settings\saidani\Application Data\Windows Search O43 - CFD: 09/12/2002 - 17:27:20 - [0] ----D- D:\Documents and Settings\saidani\Application Data\WinRAR O43 - CFD: 03/11/2010 - 19:49:42 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\360Amigo O43 - CFD: 02/06/2009 - 23:19:44 - [45,393] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Adobe O43 - CFD: 03/06/2002 - 18:57:08 - [2,818] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Autodesk O43 - CFD: 21/05/2009 - 23:03:42 - [0,004] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\DFX O43 - CFD: 18/06/2009 - 17:31:44 - [382,042] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\ESET O43 - CFD: 29/10/2011 - 17:31:46 - [301,863] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Google O43 - CFD: 13/06/2009 - 10:28:38 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Help O43 - CFD: 11/12/2011 - 19:13:48 - [0,198] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\HP O43 - CFD: 10/03/2003 - 16:05:14 - [0,289] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Identities O43 - CFD: 09/10/2009 - 11:27:52 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\JollyBear O43 - CFD: 03/01/2012 - 13:42:06 - [386,599] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Microsoft O43 - CFD: 31/05/2009 - 15:46:40 - [49,457] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Mozilla O43 - CFD: 05/03/2003 - 20:32:26 - [0,052] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\NFS Underground 2 O43 - CFD: 03/09/2002 - 11:50:06 - [0,587] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Opera O43 - CFD: 28/11/2011 - 17:48:28 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\PackageAware O43 - CFD: 01/09/2002 - 10:25:30 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Panda Software O43 - CFD: 27/09/2002 - 16:08:44 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\PCHealth O43 - CFD: 01/04/2003 - 21:22:22 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\WMTools Downloaded Files ~ Scan Program Folder in 00mn 21s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.EDC794CB54B95A5A627D27E989AD718B] - 06/01/2012 - 16:21:39 ---A- . (...) -- D:\WINDOWS\WindowsUpdate.log [210426] O44 - LFC:[MD5.AB0E1F05EAE9CED65455010E26237828] - 06/01/2012 - 16:19:30 ---A- . (...) -- D:\WINDOWS\SchedLgU.Txt [32440] O44 - LFC:[MD5.0154D9AE4B1E7600F461199116A075ED] - 06/01/2012 - 16:13:56 ---A- . (...) -- D:\WINDOWS\wiadebug.log [263] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/01/2012 - 12:48:07 ---A- . (...) -- D:\WINDOWS\0.log [0] O44 - LFC:[MD5.C555B0108B281FCA465C98A860BFDE35] - 06/01/2012 - 12:47:38 ---A- . (...) -- D:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 06/01/2012 - 12:47:05 -S-A- . (...) -- D:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.C65CA6F10C70A31AE4888977EBF94D4B] - 06/01/2012 - 12:46:57 ---A- . (...) -- D:\WINDOWS\system32\FNTCACHE.DAT [270984] O44 - LFC:[MD5.579A5BB41DF9B25F0E22800FE218D386] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\FaxSetup.log [49464] O44 - LFC:[MD5.35F5EB73D626D0DBF5D3D5480EC26919] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\KB2639417.log [13213] O44 - LFC:[MD5.563FCBD46489B63D3ACF9041B2F69424] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\MedCtrOC.log [3400] O44 - LFC:[MD5.BD0409A2D2EDF53B84DC324B7D625435] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\comsetup.log [16700] O44 - LFC:[MD5.0643240E2A5430C86B25A573FD78A837] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\iis6.log [52937] O44 - LFC:[MD5.8A7EC51500C693A2AAE92051CC00F8A8] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\imsins.log [1355] O44 - LFC:[MD5.8515BB2FE7FD8176514D6AF3C3E190EA] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\msgsocm.log [2472] O44 - LFC:[MD5.2916C57085C593442228A7A455DEE8CF] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\netfxocm.log [8664] O44 - LFC:[MD5.2EE184C8C55EFF730689A57782A3FD46] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\ntdtcsetup.log [10084] O44 - LFC:[MD5.BE74612E47B23DF7DE5E021F39508569] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\ocgen.log [23648] O44 - LFC:[MD5.783EB7A20F22DEB1AC33EFA34D2010C9] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\ocmsn.log [2736] O44 - LFC:[MD5.E8E08991A10B0AF88D1E65D1E8D1BDAA] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\tabletoc.log [2488] O44 - LFC:[MD5.0AFFCD648925EF8970ACB0DC93AE6569] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\tsoc.log [22568] O44 - LFC:[MD5.70652CFFEE6FB37F98C4993A4BB6520C] - 06/01/2012 - 12:30:17 ---A- . (...) -- D:\WINDOWS\msmqinst.log [15112] O44 - LFC:[MD5.05CE57A8A2D89D8C043725D575BDB8CA] - 06/01/2012 - 12:30:09 ---A- . (...) -- D:\WINDOWS\KB2624667.log [12876] O44 - LFC:[MD5.F7A10895BB010701768C3D988ADD3B4A] - 06/01/2012 - 12:30:09 ---A- . (...) -- D:\WINDOWS\imsins.BAK [1355] O44 - LFC:[MD5.5FCF28F0E304A815561A9ED625D9A646] - 06/01/2012 - 12:30:07 ---A- . (...) -- D:\WINDOWS\updspapi.log [3648] O44 - LFC:[MD5.1842BBB5E936FB06444CCF3C3733FCBC] - 06/01/2012 - 12:30:01 ---A- . (...) -- D:\WINDOWS\KB2618444-IE8.log [16000] O44 - LFC:[MD5.5CF55030E341B8B5A86271AE87520172] - 06/01/2012 - 12:24:48 ---A- . (...) -- D:\WINDOWS\KB2633952.log [4094] O44 - LFC:[MD5.EAD739B048837549D7A36B37B1CF530D] - 06/01/2012 - 12:24:47 ---A- . (...) -- D:\WINDOWS\system32\TZLog.log [9740] O44 - LFC:[MD5.22DE99EAC588F775C2EFF284183E31AC] - 06/01/2012 - 12:22:41 ---A- . (...) -- D:\WINDOWS\KB2619339.log [7359] O44 - LFC:[MD5.A2137BF5E0C2D62D9B2086101CA242A3] - 06/01/2012 - 12:22:32 ---A- . (...) -- D:\WINDOWS\KB2618451.log [6730] O44 - LFC:[MD5.AC57DB7485DB7D56F7F2EC22AFAC234A] - 06/01/2012 - 12:21:40 ---A- . (...) -- D:\WINDOWS\KB2620712.log [7647] O44 - LFC:[MD5.348ABDBA7719CFED8783C09529430C8D] - 06/01/2012 - 12:21:11 ---A- . (...) -- D:\WINDOWS\KB2633171.log [9532] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/01/2012 - 12:21:05 ---A- . (...) -- D:\WINDOWS\setupact.log [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/01/2012 - 12:21:05 ---A- . (...) -- D:\WINDOWS\setuperr.log [0] O44 - LFC:[MD5.CF234D682894611A9384425A0E5BC13A] - 06/01/2012 - 12:12:42 ---A- . (...) -- D:\WINDOWS\system32\wpa.dbl [2206] O44 - LFC:[MD5.165D475189B374CBDD733A6306A87122] - 05/01/2012 - 20:32:53 ---A- . (...) -- D:\WINDOWS\wininit.ini [478] O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 03/01/2012 - 11:30:57 ---A- . (...) -- D:\WINDOWS\NeroDigital.ini [69] O44 - LFC:[MD5.78A2145443852E9297D38D70C88AEC06] - 02/01/2012 - 23:52:27 ---A- . (.Progressive Networks - Pas de description.) -- D:\WINDOWS\system32\pncrt.dll [272896] O44 - LFC:[MD5.DD798E7D8F45FD2BB73150EABBB39E9F] - 16/12/2011 - 15:58:12 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\WINDOWS\system32\java.exe [149280] O44 - LFC:[MD5.F0003BBE2DDBC6A86BCD8BB3E59A459E] - 16/12/2011 - 15:58:12 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\WINDOWS\system32\javaw.exe [149280] O44 - LFC:[MD5.7030C9615C98953C481553671DD7B9E5] - 16/12/2011 - 15:58:12 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- D:\WINDOWS\system32\javaws.exe [157472] O44 - LFC:[MD5.CCEA6FFAB3EA101FF65181FDC4C19C14] - 16/12/2011 - 15:58:05 ---A- . (...) -- D:\WINDOWS\system32\jupdate-1.6.0_30-b12.log [4292] O44 - LFC:[MD5.A7E4D2AAF4FC8F67AE0F5E4535BBF27D] - 14/12/2011 - 13:23:54 ---A- . (...) -- D:\WINDOWS\system32\perfc009.dat [71336] O44 - LFC:[MD5.B737F34153E119CC9E23D895762E0DA9] - 14/12/2011 - 13:23:54 ---A- . (...) -- D:\WINDOWS\system32\perfc00C.dat [85394] O44 - LFC:[MD5.D1D34DB4C2E66B78718D89CFDC2981B5] - 14/12/2011 - 13:23:54 ---A- . (...) -- D:\WINDOWS\system32\perfh009.dat [441018] O44 - LFC:[MD5.8AD5D6B58F334EB473F989FD163E2697] - 14/12/2011 - 13:23:54 ---A- . (...) -- D:\WINDOWS\system32\perfh00C.dat [510528] O44 - LFC:[MD5.D3A55C9E44420AD9264BC19FECB33A77] - 09/12/2011 - 15:16:17 ---A- . (...) -- D:\ComboFix.txt [419918] O44 - LFC:[MD5.8A3F39602B71B4D8B86C6B71F3187D6A] - 09/12/2011 - 15:13:18 ---A- . (...) -- D:\WINDOWS\system.ini [285] ~ Scan Files in 00mn 20s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- D:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- D:\WINDOWS\Network Diagnostic\xpnetdiag.exe ~ Scan Keys in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- D:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- D:\WINDOWS\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- D:\WINDOWS\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- D:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- D:\WINDOWS\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- D:\WINDOWS\system32\wdigest.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- D:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- D:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- D:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- D:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- D:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- D:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- D:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- D:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- D:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- D:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- D:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- D:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- D:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- D:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- D:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- D:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- D:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- D:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- D:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- D:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- D:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) ~ Scan CSB in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s ---\\ MountPoints2 Shell Key (O51) (None) ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- D:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- D:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- D:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- D:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- D:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- D:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="D:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- D:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- D:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="D:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- D:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- D:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"D:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- D:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"D:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- D:\WINDOWS\system32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\AcerOrbicamRibbon [Key] . (...) -- D:\Program Files\Acer\OrbiCam10\OrbiCam.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\CTFMON [Key] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- D:\WINDOWS\system32\wscript.exe O53 - SMSR:HKLM\...\startupreg\LogitechCommunicationsManager [Key] . (.Acer Inc. - Communications Manager.) -- D:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe O53 - SMSR:HKLM\...\startupreg\LVCOMSX [Key] . (.Logitech Inc. - LVCom Server.) -- D:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingA1878 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT" (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingA4088 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.dll (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingA6025 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingA8064 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingB1652 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT" (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingB7198 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.dll (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingB8770 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingB9244 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingC4791 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingC5288 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingC8319 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingC9349 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingD5492 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingD6903 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingD7589 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingD9174 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- D:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O53 - SMSR:HKLM\...\startupreg\VirtualCloneDrive [Key] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- D:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- D:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- D:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "LinkResolveIgnoreLinkInfo"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoResolveSearch"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.38325C6AA8EAE011897D61CE48EC6435] - 06/01/2012 - 14:13:38 ---A- . (.Agere Systems - SoftModem Device Driver.) -- D:\WINDOWS\system32\drivers\AGRSM.sys [1202560] O58 - SDL:[MD5.551D52AA398392F427CE2538051DA947] - 06/01/2012 - 15:08:22 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- D:\WINDOWS\system32\drivers\avgntflt.sys [55640] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/01/2012 - 00:00:00 ---A- . (...) -- D:\WINDOWS\system32\drivers\cdaudio.sys [18688] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 06/01/2012 - 01:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- D:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 06/01/2012 - 01:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- D:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.9309C5C9831203436E64CF2AE605C5D7] - 06/01/2012 - 14:24:52 ---A- . (.ESET - Amon monitor.) -- D:\WINDOWS\system32\drivers\eamon.sys [154136] O58 - SDL:[MD5.DEFF87F04AB5F6DD5EDF2B80853BBE10] - 06/01/2012 - 09:20:36 ---A- . (.ESET - ESET Helper driver.) -- D:\WINDOWS\system32\drivers\ehdrv.sys [118104] O58 - SDL:[MD5.D71233D7CCC2E64F8715A20428D5A33B] - 06/01/2012 - 23:57:57 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- D:\WINDOWS\system32\drivers\ElbyCDIO.sys [31088] O58 - SDL:[MD5.5BA193CA0AE31209AAA39939CE6736B2] - 06/01/2012 - 09:20:38 ---A- . (.ESET - ESET Personal Firewall driver.) -- D:\WINDOWS\system32\drivers\epfw.sys [147480] O58 - SDL:[MD5.75D3BCD3E0EDED0AB0F96D9A10FF01C9] - 06/01/2012 - 09:37:28 ---A- . (.ESET - ESET Personal Firewall NDIS filter.) -- D:\WINDOWS\system32\drivers\epfwndis.sys [39824] O58 - SDL:[MD5.DC64F26F35E32C9472BBF8ACD84060D3] - 06/01/2012 - 09:20:38 ---A- . (.ESET - ESET Personal Firewall TDI filter.) -- D:\WINDOWS\system32\drivers\epfwtdi.sys [61936] O58 - SDL:[MD5.9F1D80908658EB7F1BF70809E0B51470] - 06/01/2012 - 11:43:26 ---A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- D:\WINDOWS\system32\drivers\hpzid412.sys [51120] O58 - SDL:[MD5.F7E3E9D50F9CD3DE28085A8FDAA0A1C3] - 06/01/2012 - 11:43:26 ---A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- D:\WINDOWS\system32\drivers\HPZipr12.sys [16496] O58 - SDL:[MD5.CF1B7951B4EC8D13F3C93B74BB2B461B] - 06/01/2012 - 11:43:28 ---A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- D:\WINDOWS\system32\drivers\HPZius12.sys [21744] O58 - SDL:[MD5.BC1F1FF8D5800398937966CDB0A97FDC] - 06/01/2012 - 13:20:20 R--A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- D:\WINDOWS\system32\drivers\ialmnt5.sys [1353820] O58 - SDL:[MD5.330A6A0BAF4FD945BDE14C7B1D88D9B9] - 06/01/2012 - 16:14:42 ---A- . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- D:\WINDOWS\system32\drivers\idmtdi.sys [101616] O58 - SDL:[MD5.48846B31BE5A4FA662CCFDE7A1BA86B9] - 06/01/2012 - 12:12:06 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- D:\WINDOWS\system32\drivers\igxpmp32.sys [5854752] O58 - SDL:[MD5.FAB690AD3D3949B9ED227508734C8A85] - 06/01/2012 - 12:28:40 ---A- . (.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) -- D:\WINDOWS\system32\drivers\klim5.sys [24592] O58 - SDL:[MD5.B65359729BD5221F1DFE535199501F77] - 06/01/2012 - 02:36:12 ---A- . (.Logitech Inc. - USB Camera Driver.) -- D:\WINDOWS\system32\drivers\lv321av.sys [847392] O58 - SDL:[MD5.5492F579AD7BF7DD61BE35AD18FF0AD7] - 06/01/2012 - 20:45:10 ---A- . (...) -- D:\WINDOWS\system32\drivers\LVMVdrv.sys [2400128] O58 - SDL:[MD5.D8CF31431AA398C1D79931203A75332F] - 06/01/2012 - 20:45:10 ---A- . (...) -- D:\WINDOWS\system32\drivers\LVPrcMon.sys [16768] O58 - SDL:[MD5.05743FFFC2BC88CC8E426321BC6A762E] - 06/01/2012 - 06:23:16 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- D:\WINDOWS\system32\drivers\NETw5x32.sys [3636864] O58 - SDL:[MD5.72062B53186E4A3F5FCBC41EBB62B905] - 06/01/2012 - 05:11:38 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- D:\WINDOWS\system32\drivers\NETwLx32.sys [6609920] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 06/01/2012 - 01:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- D:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 06/01/2012 - 01:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- D:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 06/01/2012 - 01:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- D:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 06/01/2012 - 01:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- D:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.19EEDB7E20D269D547CE74AF90FEAE2D] - 06/01/2012 - 17:47:00 R---- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- D:\WINDOWS\system32\drivers\RtkHDAud.Sys [4241920] O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 06/01/2012 - 23:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- D:\WINDOWS\system32\drivers\RTL8139.sys [20992] O58 - SDL:[MD5.CF84B1F0E8B14D4120AAF9CF35CBB265] - 06/01/2012 - 14:29:52 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- D:\WINDOWS\system32\drivers\Rtnicxp.sys [130432] O58 - SDL:[MD5.27FC71DA659305E260ACBDA15A318399] - 06/01/2012 - 22:15:04 ---A- . (.Intel Corporation - Intel WLAN Packet Driver.) -- D:\WINDOWS\system32\drivers\s24trans.sys [13952] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 06/01/2012 - 09:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- D:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/01/2012 - 00:00:00 ---A- . (...) -- D:\WINDOWS\system32\drivers\sptd.sys [721904] O58 - SDL:[MD5.654DFEA96BC82B4ACDA4F37E5E4A3BBF] - 06/01/2012 - 09:12:24 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- D:\WINDOWS\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 06/01/2012 - 15:05:00 ---A- . (...) -- D:\WINDOWS\system32\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.9179E07503630D6FB2E4162FF0196191] - 06/01/2012 - 09:30:00 R--A- . (.Texas Instruments - tifm21.sys.) -- D:\WINDOWS\system32\drivers\tifm21.sys [162432] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 06/01/2012 - 01:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- D:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.FCE98C43B5C5DB8E0DA8EA0E2B45E044] - 06/01/2012 - 17:20:14 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- D:\WINDOWS\system32\drivers\VClone.sys [30208] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 06/01/2012 - 01:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- D:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.F07BA56B0235F15EFF8F10DC6389C42E] - 06/01/2012 - 13:54:56 ---A- . (...) -- D:\WINDOWS\system32\epmntdrv.sys [13192] O58 - SDL:[MD5.1F2F4AB15CE03ECC257FEB2F6DC5A013] - 06/01/2012 - 13:54:56 ---A- . (...) -- D:\WINDOWS\system32\EuGdiDrv.sys [8456] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 06/01/2012 - 03:46:56 ---A- . (...) -- D:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 06/01/2012 - 03:45:26 ---A- . (...) -- D:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 06/01/2012 - 03:45:16 ---A- . (...) -- D:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 06/01/2012 - 03:45:12 ---A- . (...) -- D:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 06/01/2012 - 03:45:16 ---A- . (...) -- D:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 06/01/2012 - 03:45:14 ---A- . (...) -- D:\WINDOWS\system32\ntio804.sys [34560] ~ Scan Drivers in 00mn 05s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 11/12/2007 - D:\WINDOWS\system32\agrsmsvc.exe (AgereModemAudio) .(.Agere Systems - Agere Soft Modem Call Progress Service.) - LEGACY_AGEREMODEMAUDIO O64 - Services: CurCS - 03/06/2002 - D:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe (Autodesk Licensing Service) .(.Autodesk - System Level Service Utility.) - LEGACY_AUTODESK_LICENSING_SERVICE O64 - Services: CurCS - ??\??\???? - (COMSysApp) .(. - .) - LEGACY_COMSYSAPP O64 - Services: CurCS - 18/12/2009 - D:\Program Files\systemRequirementsLab\cpudrv.sys - cpudrv (cpudrv) .(...) - LEGACY_CPUDRV O64 - Services: CurCS - 13/04/2008 - D:\WINDOWS\system32\dmadmin.exe (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 13/04/2008 - D:\WINDOWS\system32\drivers\dmboot.sys (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 07/09/2002 - D:\WINDOWS\system32\drivers\dmload.sys (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 13/04/2008 - D:\WINDOWS\system32\svchost.exe (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE O64 - Services: CurCS - 09/08/2011 - D:\WINDOWS\system32\DRIVERS\eamon.sys (eamon) .(.ESET - Amon monitor.) - LEGACY_EAMON O64 - Services: CurCS - 04/08/2011 - D:\WINDOWS\system32\DRIVERS\ehdrv.sys (ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV O64 - Services: CurCS - 22/09/2011 - D:\Program Files\ESET\ESET Smart Security\ekrn.exe (ekrn) .(.ESET - ESET Service.) - LEGACY_EKRN O64 - Services: CurCS - 16/12/2010 - D:\WINDOWS\system32\Drivers\ElbyCDIO.sys (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO O64 - Services: CurCS - 04/08/2011 - D:\WINDOWS\system32\DRIVERS\epfw.sys (epfw) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFW O64 - Services: CurCS - 04/08/2011 - D:\WINDOWS\system32\DRIVERS\epfwtdi.sys (epfwtdi) .(.ESET - ESET Personal Firewall TDI filter.) - LEGACY_EPFWTDI O64 - Services: CurCS - 13/04/2008 - D:\WINDOWS\system32\svchost.exe (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC O64 - Services: CurCS - 22/06/2011 - D:\Program Files\Intel\WiFi\bin\EvtEng.exe (EvtEng) .(.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) - LEGACY_EVTENG O64 - Services: CurCS - 03/11/2010 - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (FLEXnet Licensing Service) .(.Macrovision Europe Ltd. - Activation Licensing Service.) - LEGACY_FLEXNET_LICENSING_SERVIC O64 - Services: CurCS - 29/10/2011 - D:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE O64 - Services: CurCS - 13/04/2008 - D:\WINDOWS\system32\svchost.exe (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC O64 - Services: CurCS - 06/07/2011 - D:\WINDOWS\system32\DRIVERS\idmtdi.sys (IDMTDI) .(.Tonec Inc. - Internet Download Manager TDI Driver.) - LEGACY_IDMTDI O64 - Services: CurCS - 10/11/2011 - D:\Program Files\Java\jre6\bin\jqs.exe (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - 30/11/2005 - D:\WINDOWS\system32\drivers\LVPrcMon.sys - Logitech LVPrcMon Driver (LVPrcMon) .(...) - LEGACY_LVPRCMON O64 - Services: CurCS - 30/11/2005 - D:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe (LVPrcSrv) .(.Logitech - Logitech LVPrcSrv Module..) - LEGACY_LVPRCSRV O64 - Services: CurCS - 17/10/2011 - D:\Program Files\ma-config.com\maconfservice.exe (maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE O64 - Services: CurCS - 29/09/2004 - D:\WINDOWS\system32\HPZipm12.exe (Pml Driver HPZ12) .(.HP - PML Driver.) - LEGACY_PML_DRIVER_HPZ12 O64 - Services: CurCS - 22/06/2011 - D:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe (RegSrvc) .(.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) - LEGACY_REGSRVC O64 - Services: CurCS - 22/06/2011 - D:\Program Files\Intel\WiFi\bin\S24EvMon.exe (S24EventMonitor) .(.Intel® Corporation - Intel® Wireless Management Service.) - LEGACY_S24EVENTMONITOR O64 - Services: CurCS - 19/05/2010 - D:\WINDOWS\system32\DRIVERS\s24trans.sys (s24trans) .(.Intel Corporation - Intel WLAN Packet Driver.) - LEGACY_S24TRANS O64 - Services: CurCS - ??\??\???? - D:\WINDOWS\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 11/05/2009 - D:\WINDOWS\system32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <Opera.HTML>[HKLM\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- D:\WINDOWS\system32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- D:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- D:\WINDOWS\system32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- D:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- D:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS\system32\ie4uinit.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS\system32\ie4uinit.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS\system32\ie4uinit.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - Bing ~ Scan Keys in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- D:\WINDOWS\system32\appmgmts.dll [176640] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- D:\WINDOWS\system32\audiosrv.dll [42496] O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- D:\WINDOWS\system32\browser.dll [77824] O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- D:\WINDOWS\system32\cryptsvc.dll [62464] O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- D:\WINDOWS\system32\dmserver.dll [24576] O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- D:\WINDOWS\system32\dhcpcsvc.dll [127488] O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- D:\WINDOWS\system32\ersvc.dll [23040] O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- D:\WINDOWS\system32\es.dll [253952] O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- D:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: HidServ (HidServ) . (...) -- D:\WINDOWS\system32\hidserv.dll [0] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- D:\WINDOWS\system32\srvsvc.dll [99840] O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- D:\WINDOWS\system32\wkssvc.dll [132096] O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- D:\WINDOWS\system32\msgsvc.dll [33792] O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- D:\WINDOWS\system32\netman.dll [198144] O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\system32\mswsock.dll [247808] O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- D:\WINDOWS\system32\ntmssvc.dll [438272] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- D:\WINDOWS\system32\rasauto.dll [88576] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- D:\WINDOWS\system32\rasmans.dll [186368] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- D:\WINDOWS\system32\mprdim.dll [53248] O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- D:\WINDOWS\system32\schedsvc.dll [194560] O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- D:\WINDOWS\system32\seclogon.dll [18944] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- D:\WINDOWS\system32\sens.dll [39424] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- D:\WINDOWS\system32\ipnathlp.dll [332800] O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- D:\WINDOWS\system32\srsvc.dll [171520] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- D:\WINDOWS\system32\tapisrv.dll [249856] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- D:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- D:\WINDOWS\system32\trkwks.dll [90112] O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- D:\WINDOWS\system32\w32time.dll [178176] O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- D:\WINDOWS\system32\wzcsvc.dll [483840] O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- D:\WINDOWS\system32\advapi32.dll [685568] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- D:\WINDOWS\system32\wbem\WMIsvc.dll [145408] O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- D:\WINDOWS\system32\wscsvc.dll [80896] O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- D:\WINDOWS\system32\xmlprov.dll [129024] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- D:\WINDOWS\system32\qmgr.dll [409088] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- D:\WINDOWS\system32\wuauserv.dll [6656] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- D:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400] O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- D:\WINDOWS\system32\mspmsnsv.dll [27136] O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- D:\WINDOWS\system32\qagentrt.dll [293376] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- D:\WINDOWS\system32\kmsvc.dll [61440] ~ Scan Services in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.FCE23FBF8A4495ECC17CACFE11A2D544] [sPRF][26/08/2008] (.Inekman - Xtremsplit v1.2.) -- D:\Documents and Settings\saidani\Bureau\Xtremsplit.exe [305664] [MD5.92149D7FC2B90B189F8AEECC2F9DDCEE] [sPRF][12/02/2007] (.Autodesk, Inc. - Autodesk i-drop control.) -- D:\WINDOWS\Downloaded Program Files\IDropENU.dll [114792] [MD5.352035CA37302C43A0B028CFD416C859] [sPRF][16/02/2007] (.Autodesk, Inc. - Autodesk i-drop control.) -- D:\WINDOWS\Downloaded Program Files\IDropFRA.dll [114768] ~ Scan Files in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : 8933 - (06/01/2012) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKCU\Software\PopCap] =>Adware.PopCap ~ Scan Additionnel in 00mn 10s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 06/01/2012 12800 | (AgereModemAudio) . (.Agere Systems.) - D:\WINDOWS\system32\agrsmsvc.exe SS - | Auto 0 | (AntiVirUpgradeService) . (...) - D:\DOCUME~1\saidani\LOCALS~1\Temp\AVSETUP_4a434603\basic\avupgsvc.exe SS - | Demand 06/01/2012 85096 | (Autodesk Licensing Service) . (.Autodesk.) - D:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe SS - | Demand 06/01/2012 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - D:\WINDOWS\system32\dmadmin.exe SR - | Auto 06/01/2012 974944 | (ekrn) . (.ESET.) - D:\Program Files\ESET\ESET Smart Security\ekrn.exe SS - | Demand 0 | (EverestDriver) . (...) - D:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt SR - | Auto 06/01/2012 866576 | (EvtEng) . (.Intel® Corporation.) - D:\Program Files\Intel\WiFi\bin\EvtEng.exe SS - | Demand 06/01/2012 651720 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Auto 06/01/2012 136176 | (gupdate) . (.Google Inc..) - D:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 06/01/2012 136176 | (gupdatem) . (.Google Inc..) - D:\Program Files\Google\Update\GoogleUpdate.exe SR - | Auto 06/01/2012 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - D:\Program Files\Java\jre6\bin\jqs.exe SR - | Auto 06/01/2012 81920 | (LVPrcSrv) . (.Logitech.) - D:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe SS - | Demand 06/01/2012 311928 | (maconfservice) . (.CybelSoft.) - D:\Program Files\ma-config.com\maconfservice.exe SS - | Auto 06/01/2012 69632 | (Pml Driver HPZ12) . (.HP.) - D:\WINDOWS\system32\HPZipm12.exe SR - | Auto 06/01/2012 481552 | (RegSrvc) . (.Intel® Corporation.) - D:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe SR - | Auto 06/01/2012 882960 | (S24EventMonitor) . (.Intel® Corporation.) - D:\Program Files\Intel\WiFi\bin\S24EvMon.exe ~ Scan Services in 00mn 11s ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/01/2012 - 00:00:00 ---A- . (...) -- D:\WINDOWS\system32\drivers\sptd.sys [721904] ~ Scan Emulateurs in 00mn 11s End of the scan (1272 lines in 01mn 30s)(0)